CVE-2019-3970

Name of the Vulnerable Software and Affected Versions Comodo Antivirus versions up to 12.0.0.6810

Description The issue arises from the handling of Comodo's Antivirus database by Cavwp.exe, which loads the Comodo antivirus definition database into unsecured global section objects. This allows a local low-privileged process to directly modify the data and change virus signatures, resulting in an Arbitrary File Write issue.

Recommendations For Comodo Antivirus versions up to 12.0.0.6810, consider restricting access to the Cavwp.exe process until a patch is available, or apply configuration changes that secure the handling of the antivirus definition database. At the moment, there is no information about a newer version that contains a fix for this vulnerability.