CVE-2025-43079

EPSS 0.15%
Veröffentlicht 10.11.2025 17:10:31
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle bugreport@qualys.com
CVE-Watchlists
Login
Unerledigt
Login

Local Privilege Escalation via qagent_uninstall.sh Qualys Cloud Agents

The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to Mac and Linux supported versions that invoked multiple system commands without using absolute paths and without sanitizing the $PATH environment. If the uninstall script is executed with elevated privileges (e.g., via sudo) in an environment where $PATH has been manipulated, an attacker with root/sudo privileges could cause malicious executables to be run in place of the intended system binaries. This behavior can be leveraged for local privilege escalation and arbitrary command execution under elevated privileges.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 11 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 5.0

Version < 7.2.3

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusaffected

Version 3.12

Version < 7.1.0

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusaffected

Version 4.17

Version < 6.0.0

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 6.2.1

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 6.3.1

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 3.31.1-8

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 3.21.1-6

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 4.2.6

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 5.0.3

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 5.0.2

Status affected

HerstellerQualys Inc

≫

Produkt Qualys Agent

Default Statusunaffected

Version 0

Version < 6.0.3

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.043

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
bugreport@qualys.com	6.3	0.3	5.9	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

CWE-426 Untrusted Search Path

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

https://www.qualys.com/security-advisories/cve-2025-43079

https://nvd.nist.gov/vuln/detail/CVE-2025-43079

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-43079

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-43079

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-43079