CVE-2025-7097 | Comodo Internet Security Premium 12.3.4.8162 Manifest File cis_update_x64.xml binary/params os command injection

A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation of the argument binary/params leads to os command injection.

The identification of this vulnerability is CVE-2025-7097. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-7097 | Comodo Internet Security Premium 12.3.4.8162 Manifest File cis_update_x64.xml binary/params os command injection

Post correlati

CVE-2024-9355 | golang-fips uninitialized resource

CVE-2024-12658 | IObit Advanced SystemCare Utimate up to 17.0.0 IOCTL AscRegistryFilter.sys 0x8001E01C null pointer dereference

CVE-2024-51658 | Henrik Hoff WP Course Manager Plugin up to 1.3 on WordPress cross-site request forgery

CVE-2024-11374 | TWChat Plugin up to 4.0.4 on WordPress cross site scripting