@Pico,
Your posts are based on opinions, which were based on other opinions. You assume that Comodo is still bad, so those past opinions must be true for the current Comodo 2025.
This contradicts the rules of the thread.
Please show the evidence that most of the old bugs are still unfixed, without assuming that Comodo is bad. Nothing related to the new CIS version (including reports of users) confirms your opinion yet. However, I do not exclude the possibility that your scepticism can be confirmed. Do not repeat what we all already know. Just do some new research (like, for example,
@Trident) and show the evidence.
My analysis of security forums, user communities, and bug report discussions reveals several recurring themes. It's important to distinguish between confirmed, exploitable vulnerabilities and quality assurance (QA) bugs or compatibility issues, but several reported issues have clear security implications.
These issues often do not receive a CVE identifier because they may not fit the classic definition of a remotely exploitable vulnerability, but they are tracked and discussed at length within the product's user and security research communities.
Vulnerabilities
A number of critical vulnerabilities have been identified in version 12.3.4.8162, with public disclosure in mid-2025. The vendor reportedly did not respond to initial disclosures.
CVE-2025-7098:
Severity:
Critical (CVSSv3.1 Base Score: 8.8 High)
Description: A path traversal vulnerability in the "File Name Handler" component. Manipulation of the name/folder argument could allow a remote attacker to access restricted directories.
Affected Module: Unknown function handling file names.
CVE-2025-7097:
Severity: Critical
Description: An OS command injection vulnerability in the "Manifest File Handler" component. Manipulation of the binary/params argument within the cis_update_x64.xml file can lead to arbitrary command execution. The attack can be initiated remotely.
Affected Module: Update mechanism parsing the cis_update_x64.xml file.
CVE-2025-7096:
Severity: Critical (CVSSv3.1 Base Score: 8.1 High)
Description: An improper validation of integrity check value vulnerability in the "Manifest File Handler." This allows for manipulation of the cis_update_x64.xml file, potentially leading to the execution of malicious updates.
Affected Module: Update mechanism parsing the cis_update_x64.xml file.
CVE-2025-7095:
Severity: Critical (Classified as critical, but with a low CVSSv3.1 score of 3.7)
Description: An improper certificate validation vulnerability in the "Update Handler" component. This could allow a remote attacker to present a malicious update as legitimate.
Affected Module: The software's update handler.
Conclusion
Risk Summary: High
Overall Assessment: Comodo Internet Security 2025, developed by Xcitium, is built on a strong "Default Deny" and "Auto-Containment" security philosophy, which is effective against zero-day threats. However, the specified version 12.3.4.8162 is critically undermined by a series of high-severity vulnerabilities in its update mechanism and file handling components. These flaws could allow a remote attacker to bypass the software's protections and execute arbitrary code, negating its core security principles. The lack of a public response from the vendor to the disclosure of these vulnerabilities is also a significant concern.
Recommendations
Do Not Deploy
This specific version (12.3.4.8162) should not be deployed due to the presence of multiple critical, remotely exploitable vulnerabilities.
Immediate Patching Required
If this version is in use, it must be updated to a patched version that addresses CVE-2025-7095, CVE-2025-7096, CVE-2025-7097, and CVE-2025-7098 as soon as one is made available.
Supply Chain Scrutiny
A deeper analysis of the software's third-party dependencies is recommended to identify any potential inherited risks.
Network Monitoring
Monitor network traffic for communications with update servers and be vigilant for any signs of compromise related to the identified vulnerabilities.
forums.comodo.com
