5 matches found
CVE-2023-28142
CVE-2023-28142 describes a local race condition in Qualys Cloud Agent for Windows, affecting versions 3.1.3.34–4.5.3.1. The issue allows a local attacker to escalate privileges to SYSTEM during uninstall, as the race can occur while the agent is being removed. Versions prior to 4.0 are End of Lif...
CVE-2022-29550
CVE-2022-29550 affects Qualys Cloud Agent 4.8.0-49 and concerns logging of ps auxwwe output to /var/log/qualys/qualys-cloud-agent-scan.log. The issue could expose credentials from environment variables in the log if verbose tracing is enabled; the vendor notes the ps data collection is intentiona...
CVE-2023-28141
CVE-2023-28141 affects Qualys Cloud Agent for Windows prior to version 4.8.0.31 and is caused by an NTFS Junction condition. An attacker with local access can write files to arbitrary locations, potentially escalating to the privileges of the agent process and modifying or deleting sens...
CVE-2023-28143
CVE-2023-28143 affects Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7). The installer allows a local escalation of privilege bounded to the installation window on macOS 10.15 and older. Attackers may exploit incorrect file permissions during PKG extraction/cromotion (copying files to ...
CVE-2023-28140
CVE-2023-28140 concerns the Qualys Cloud Agent for Windows. Affected are versions before 4.5.3.1, with the exploit described as an executable hijacking via a malicious DLL loaded locally instead of the expected DLL when processes run with escalated privileges. The vulnerability is bounded to the ...