Lucene search

[email protected]NVD:CVE-2023-28140

HistoryApr 18, 2023 - 4:15 p.m.

CVE-2023-28140

2023-04-1816:15:09

CWE-427

[email protected]

web.nvd.nist.gov

cve-2023-28140

qualys cloud agent

windows platform

local attack vector

dll

escalated privileges

uninstallation vulnerability

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.0%

JSON

An Executable Hijacking condition exists in the
Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers
may load a malicious copy of a Dependency Link Library (DLL) via a local
attack vector instead of the DLL that the application was expecting, when
processes are running with escalated privileges. This vulnerability
is bounded only to the time of uninstallation and can only be exploited
locally.

At the time of this disclosure, versions before 4.0 are classified as End of
Life.

Affected configurations

NVD

Node

qualyscloud_agentRange3.1.3.34–4.5.3.1windows

References

www.qualys.com/security-advisories/

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.0%

JSON

Related for NVD:CVE-2023-28140

prion1 cve1 cvelist1 qualysblog1