Comodo · Comodo Internet Security Premium · CVE-2025-7095
Name of the Vulnerable Software and Affected Versions:
Comodo Internet Security Premium version 12.3.4.8162
Description:
A critical vulnerability has been found in the Update Handler component of Comodo Internet Security Premium, leading to improper certificate validation. The attack can be initiated remotely, with a high complexity and difficult exploitability. The vendor was contacted about this disclosure but did not respond.
Recommendations:
For Comodo Internet Security Premium version 12.3.4.8162, as a temporary workaround, consider restricting the use of the Update Handler component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.