CVE-2025-7096

Published Jul 6, 2025

Last updated 10 days ago

CVSS high 8.2

Overview

Description
A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation leads to improper validation of integrity check value. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Source
cna@vuldb.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
8.2
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
HIGH

CVSS 3.1

Type
Secondary
Base score
8.1
Impact score
5.9
Exploitability score
2.2
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Secondary
Base score
7.6
Impact score
10
Exploitability score
4.9
Vector string
AV:N/AC:H/Au:N/C:C/I:C/A:C

Weaknesses

cna@vuldb.com
CWE-345

Social media

Hype score
Not currently trending

  1. CVE-2025-7096 (CVSS:8.2, HIGH) is Awaiting Analysis. A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability aff..https://t.co/V6zh12Q4xD #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    11 Jul 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-7096 Comodo Internet Security Premium 12.3.4.8162 Remote Integrity Validation Vulnerability https://t.co/For7NGganZ

    @VulmonFeeds

    6 Jul 2025

    78 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-7096 A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cis_update_x64.xml… https://t.co/yOtPIDXIiI

    @CVEnew

    6 Jul 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. [CVE-2025-7096: CRITICAL] Critical vulnerability in Comodo Internet Security Premium 12.3.4.8162's Manifest File Handler allows remote attacks. Exploit disclosed with no vendor response.#cve,CVE-2025-7096,#cybersecurity https://t.co/kCJWc88Ga0 https://t.co/b4tJceUipc

    @CveFindCom

    6 Jul 2025

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.