Critical Security Flaws Discovered in Comodo Internet Security Premium 2025

Security researchers have uncovered multiple serious vulnerabilities in Comodo Internet Security Premium 2025, specifically in version 12.3.4.8162. These flaws enable hackers to remotely execute code on your system with SYSTEM-level privileges, granting them full control over your computer.

The identified vulnerabilities are tracked as CVE-2025-7095 and were discovered by the experts at FPT IS Security.

The primary issue stems from how Comodo manages software updates. The application connects to https://download.comodo.com for updates but fails to properly verify SSL certificates. This oversight allows attackers to redirect update requests to a malicious server through DNS spoofing.

This means that even if you believe you’re downloading an official update, the files could actually originate from a hacker’s server.

The researchers demonstrated how attackers on the same network can utilize tools such as Scapy and ARP spoofing to hijack DNS requests. Once redirected, they can send malicious files that execute on your system with full privileges.

Additionally, the researchers illustrated how PowerShell scripts can be leveraged to run tools like Mimikatz, which allows hackers to steal passwords, including those saved for the Administrator account.

Comodo does not verify the authenticity of update files. Malicious actors can create a counterfeit XML file with a command tag that can execute any command with SYSTEM access.

There is also a path traversal vulnerability that enables attackers to place malware in the Windows startup folder using simple directory manipulation. This ensures the malware runs every time the system boots up.

Even if the initial attack begins with basic user access, hackers can leverage known techniques like UAC bypass to gain complete SYSTEM access.

These vulnerabilities have a CVSS score of 6.3, categorized as medium severity. However, the actual risk is significantly greater, as a successful exploit grants hackers total control over the system. This includes the ability to steal sensitive data, install spyware, or inflict damage.

As of now, the researchers report that they have not received any response from Comodo, and no patches or updates are available to address these vulnerabilities.

If you are using Comodo Internet Security 2025, it’s advisable to refrain from utilizing public Wi-Fi or shared networks where traffic can be hijacked. Enable the firewall to block suspicious update traffic, and consider disabling automatic updates until a fix is released.

Stay informed and protect your system against potential threats!

### Image Alt Text Update
If there were any images in the original content, please provide them, and I will gladly rewrite the alt text to enhance its SEO effectiveness!