Lucene search

QualysCVELIST:CVE-2023-28140

HistoryApr 18, 2023 - 3:47 p.m.

CVE-2023-28140 Executable Hijacking

2023-04-1815:47:37

CWE-427

Qualys

www.cve.org

cve-2023-28140

security vulnerability

qualys cloud agent

windows

dll

local attack vector

uninstallation

escalated privileges

end of life

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

23.0%

JSON

An Executable Hijacking condition exists in the
Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers
may load a malicious copy of a Dependency Link Library (DLL) via a local
attack vector instead of the DLL that the application was expecting, when
processes are running with escalated privileges. This vulnerability
is bounded only to the time of uninstallation and can only be exploited
locally.

At the time of this disclosure, versions before 4.0 are classified as End of
Life.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Windows"
    ],
    "product": "Cloud Agent",
    "vendor": "Qualys",
    "versions": [
      {
        "lessThan": "4.5.3.1",
        "status": "affected",
        "version": "3.1.3.34",
        "versionType": "custom"
      }
    ]
  }
]

References

www.qualys.com/security-advisories/

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

23.0%

JSON

Related for CVELIST:CVE-2023-28140