Security researchers have found multiple serious flaws in Comodo Internet Security Premium 2025. These issues allow hackers to remotely execute code on your system with SYSTEM-level privileges. In simple words, they can take full control of your computer.
The affected version is 12.3.4.8162, and the bugs are tracked as CVE-2025-7095. The flaws were discovered by researchers at FPT IS Security.
The problem is with how Comodo handles software updates. The app connects to https://download.comodo.com to download updates. However, it does not properly check SSL certificates. Because of this, attackers can redirect the update request to a fake server using DNS spoofing.
So even if it looks like you are downloading an official update, the files might be coming from a hacker’s server.
The researchers showed how attackers on the same network can use tools like Scapy and ARP spoofing to hijack DNS requests. Once the update is redirected, they can send a malicious file that runs on your system with full privileges.
Read: Best Antivirus Software
They also showed how PowerShell scripts can be used to run tools like Mimikatz. This allows the hacker to steal passwords, even those saved for the Administrator account.
Comodo does not check if the update files are real or fake. Hackers can create a fake XML file with a command tag. That tag can execute any command it wants with SYSTEM access.
There is also a path traversal flaw. Attackers can place malware inside the Windows startup folder using a simple folder trick. This makes sure the malware runs every time the system boots.
Even if the attack starts with basic user access, hackers can still gain full SYSTEM access using known methods like UAC bypass.
The flaws have a CVSS 4.0 score of 6.3, which is marked as medium severity. But the real danger is much higher. A successful attack gives the hacker complete control of the system. They can steal data, install spyware, or cause damage.
The researchers said they have not received any response from Comodo. There is no patch or update available to fix these issues at the moment.
If you use Comodo Internet Security 2025, you should avoid using public Wi-Fi or shared networks where attackers can hijack traffic. Enable the firewall to block suspicious update traffic. You should also disable automatic updates if possible, until a fix is released.
