PT-2023-21591 · Qualys · Qualys Cloud Agent For Windows
Published
2023-04-18
·
Updated
2023-04-28
·
CVE-2023-28142
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Qualys Cloud Agent for Windows versions 3.1.3.34 through 4.5.3.1
Description
A Race Condition exists in the Qualys Cloud Agent for Windows platform. This allows attackers to escalate privileges limited on the local machine during uninstallation of the Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on that asset to run arbitrary commands. At the time of this disclosure, versions before 4.0 are classified as End of Life.
Recommendations
For Qualys Cloud Agent for Windows versions 3.1.3.34 through 4.5.3.1, update to a version after 4.5.3.1 to resolve the issue.
For versions before 4.0, consider upgrading to a supported version as they are classified as End of Life.
As a temporary workaround, consider restricting the uninstallation of the Qualys Cloud Agent for Windows to minimize the risk of exploitation.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qualys Cloud Agent For Windows