Platform
windows
Component
comodo-internet-security-pro
Fixed in
12.2.5
CVE-2024-7248 is a directory traversal vulnerability discovered in Comodo Internet Security Pro. This flaw allows local attackers to escalate privileges by manipulating file paths within the update process. The vulnerability impacts versions 12.2.4.8032 through 12.2.4.8032. A fix is expected from Comodo, and users are advised to monitor for updates.
Successful exploitation of CVE-2024-7248 allows a local attacker to bypass security restrictions and gain elevated privileges on the compromised system. This can lead to complete control over the affected machine, including the ability to install malware, access sensitive data, and modify system configurations. The attack leverages the update mechanism, a critical component for maintaining system security, making it a particularly concerning vulnerability. The lack of proper input validation in file operations is the root cause, enabling attackers to craft malicious paths that bypass intended security checks. This vulnerability shares similarities with other directory traversal exploits where attackers manipulate file paths to access unauthorized resources.
CVE-2024-7248 was publicly disclosed on 2024-07-29. Currently, there is no indication of active exploitation campaigns targeting this vulnerability. No public proof-of-concept (POC) code has been released. The vulnerability's severity is rated HIGH (CVSS 7.8), indicating a significant potential for exploitation if left unaddressed. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.10% (28% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-7248 is to upgrade to the patched version of Comodo Internet Security Pro as soon as it becomes available. Until the patch is applied, consider disabling automatic updates and manually verifying the integrity of downloaded updates before installation. While a direct workaround is unavailable, restricting user access to the update directory and implementing strict file access controls can help reduce the attack surface. Monitor system logs for unusual file access patterns or attempts to access sensitive files outside of expected locations. After upgrade, confirm the vulnerability is resolved by attempting to trigger the traversal path with a benign test file.
Actualice Comodo Internet Security Pro a una versión posterior a 12.2.4.8032. Esto solucionará la vulnerabilidad de escalada de privilegios por recorrido de directorios.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-7248 is a directory traversal vulnerability in Comodo Internet Security Pro versions 12.2.4.8032–12.2.4.8032, allowing local attackers to escalate privileges by manipulating file paths during updates.
You are affected if you are using Comodo Internet Security Pro version 12.2.4.8032–12.2.4.8032. Check your version and upgrade as soon as a patch is available.
The recommended fix is to upgrade to the patched version of Comodo Internet Security Pro. Monitor Comodo's website for updates and apply them promptly.
Currently, there is no evidence of active exploitation campaigns targeting CVE-2024-7248, but its HIGH severity warrants immediate attention and patching.
Refer to the official Comodo website and security advisories for the latest information and updates regarding CVE-2024-7248.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.