CVE-2022-34008

Name of the Vulnerable Software and Affected Versions Comodo Antivirus version 12.2.2.8012

Description The issue is related to a quarantine flaw that allows privilege escalation. A low-privileged attacker can exploit this by using an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.

Recommendations For Comodo Antivirus version 12.2.2.8012, as a temporary workaround, consider restricting access to the quarantine feature to minimize the risk of exploitation. Additionally, avoid using NTFS directory junctions to restore files from quarantine until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.