Discovery of Sandbox Escape on... - Gais Security- Gais Siber Güvenlik Teknolojileri

Discovery of Sandbox Escape on Comodo Container(Antivirus&Firewall)


Author: Kağan IŞILDAK

CVE: CVE-2019-14270

About Vulnerability: Comodo desktop security products, which has Comodo Container feature are vulnerable to Sandbox Escape due to uncontrolled apply changes. Sandboxed process can change container protection settings and apply on real environment. Therefore isolated process escapes from the sandbox and executes a command on the real system.

Affected Products

  • Comodo Antivirus up to (included)
  • Comodo Firewall up to (included)
  • Comodo Internet Security Premium up to (included)

Affected Component

  • cis.exe
  • cmdvirth.exe
  • cmdvrt{86/64}.dll



After the patch is released for vulnerability, we will share the exploitation code.

Disclosure Timeline

  • 02/11/19 - Vulnerability reported to Comodo.
  • 02/15/19 - Detailing on vulnerability with technical team.
  • 02/25/19 - Comodo confirmed the vulnerability.

Kağan Işıldak 24.07.2019