CVE-2016-20088
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
Comodo Chromodo Browser version 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or system reboot.
Risk Assessment
This vulnerability poses a risk to organizations as it allows local attackers to gain full system privileges, potentially leading to serious security breaches.
Recommendation
It is recommended to update Comodo Chromodo Browser to the latest version and to verify and secure service paths to prevent the introduction of malicious software.
Original NVD description (English source)
Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executable in the service path and execute arbitrary code with elevated privileges upon service restart or system reboot.

