PT-2023-21592 · Qualys+1 · Qualys Cloud Agent+1
Published
2023-04-18
·
Updated
2023-04-28
·
CVE-2023-28143
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Qualys Cloud Agent for macOS versions 2.5.1-75 through 3.7
Description
The Qualys Cloud Agent for macOS installer allows a local escalation of privilege, bounded only to the time of installation and only on older macOSX versions (macOS 10.15 and older). Attackers may exploit incorrect file permissions to gain ROOT command execution privileges on the host. This occurs during the installation of the PKG, where a step in the process involves extracting the package and copying files to several directories, allowing attackers to gain writable access to files and enabling a local escalation of privilege.
Recommendations
For Qualys Cloud Agent for macOS versions 2.5.1-75 through 3.7, update to version 3.7 or later to resolve the issue.
Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qualys Cloud Agent
Apple Macos