Local Privilege Escalation Vulnerability in Qualys Cloud Agent for MacOS and Linux
CVE-2025-43079

6.3 MEDIUM

Key Information:

Vendor: Qualys Inc

CVE Published: 10 November 2025

What is CVE-2025-43079?

The Qualys Cloud Agent for MacOS and Linux contains a vulnerability within its bundled uninstall script (qagent_uninstall.sh). This script executes multiple system commands without using absolute paths or sanitizing the $PATH environment variable. If executed with elevated privileges, such as through sudo, a manipulated $PATH could potentially allow an attacker to run malicious executables instead of legitimate system binaries. This vulnerability poses a significant risk as it can be exploited for local privilege escalation and arbitrary command execution, jeopardizing system integrity and security.
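A defensive check for the condition described above, as an added example that is not Qualys code and not part of the original advisory: it audits a $PATH value for entries a non-root user could control and runs a command with lookup pinned to fixed directories. The names audit_path, run_hardened and SAFE_PATH, and the directory list in SAFE_PATH, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not vendor code): pre-flight $PATH audit before a script runs as root.
SAFE_PATH=/usr/sbin:/usr/bin:/sbin:/bin   # assumption: trusted system directories

# audit_path PATHSTRING
# Prints each entry that lets a non-root user influence command lookup.
# Exit status is 0 when clean, 1 otherwise. The body is a subshell so the
# IFS and globbing changes do not leak into the caller.
audit_path() (
    p=$1
    bad=0
    # A leading, trailing or doubled colon is an empty entry, which the
    # shell treats as the current working directory.
    case ":$p:" in
        *::*) echo "UNSAFE: empty entry (current directory)"; bad=1 ;;
    esac
    set -f                       # no globbing while splitting on ':'
    IFS=:
    set -- $p
    unset IFS
    for d in "$@"; do
        case $d in
            '') continue ;;      # already reported above
            /*) ;;
            *)  echo "UNSAFE: relative entry '$d'"; bad=1; continue ;;
        esac
        [ -d "$d" ] || continue  # missing directories are skipped in this sketch
        # -L follows symlinks such as /bin -> usr/bin. Characters 6 and 9 of
        # the mode string are the group and other write bits. Parent
        # directories are not checked here.
        perms=$(ls -ldL "$d" 2>/dev/null | cut -c1-10)
        case $perms in
            ?????w*|????????w*) echo "UNSAFE: group/world-writable '$d'"; bad=1 ;;
        esac
    done
    exit "$bad"
)

# run_hardened CMD [ARGS...]: run CMD with command lookup pinned to SAFE_PATH,
# ignoring whatever $PATH the caller inherited.
run_hardened() {
    /usr/bin/env PATH="$SAFE_PATH" "$@"
}

# Constructed sample value: one empty entry and one relative entry.
audit_path "/usr/bin::bin" || true
```
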

Affected Version(s)

Qualys Agent BSD 3.12

Qualys Agent IBM AIX 4.17

Qualys Agent Linux 5.0 < 7.2.3

CVSS V3.1

Score: 6.3
Severity: MEDIUM
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: High
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Brent Zaltsman (AfricanHipp0)