{"vulnerability": "CVE-2023-28141", "sightings": [{"uuid": "d74a3b4a-ce41-4a86-a8c8-a3c43af5aaf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28141", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6253", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28141\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nAn NTFS Junction condition exists in the Qualys Cloud Agent\nfor Windows platform in versions before 4.8.0.31. Attackers may write files to\narbitrary locations via a local attack vector. This allows attackers to assume\nthe privileges of the process, and they may delete or otherwise on unauthorized\nfiles, allowing for the potential modification or deletion of sensitive files\nlimited only to that specific directory/file object. This vulnerability is\nbounded to the time of installation/uninstallation and can only be exploited locally.\n\n\n\nAt the time of this disclosure, versions before 4.0 are\nclassified as End of Life.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-04-18T15:50:19.411Z\n\ud83d\udccf Modified: 2025-03-03T19:22:56.830Z\n\ud83d\udd17 References:\n1. https://www.qualys.com/security-advisories/", "creation_timestamp": "2025-03-03T19:30:43.000000Z"}, {"uuid": "18f9743f-c341-4411-a822-9f22fb377ee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28141", "type": "seen", "source": "https://t.me/cibsecurity/62365", "content": "\u203c CVE-2023-28141 \u203c\n\nAn NTFS Junction condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers may write files to arbitrary locations via a local attack vector. This allows attackers to assume the privileges of the process, and they may delete or otherwise on unauthorized files, allowing for the potential modification or deletion of sensitive files limited only to that specific directory/file object. This vulnerability is bounded only to the time of uninstallation and can only be exploited locally. At the time of this disclosure, versions before 4.0 are classified as End of Life.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-18T20:29:15.000000Z"}]}