Security advisory.

Possible local privilege escalation for Qualys Cloud Agent for Linux with Manifest versions prior to 2.5.548.2

Advisory ID: Q-PSA-2022-01
CVE ID: CVE-2022-29549
Published: 2022-08-15
Last Update: 2022-08-15
CWE: CWE-284

Risk Factor

| | NVD Risk Rating | Qualys Risk Rating |
|---|---|---|
| CVSSv3.1 Score | 7.0 / High | 6.7 / Medium |
| CVSSv3.1 Vector (Base) | AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |

Description

Qualys Cloud Agent for Linux with signature manifest versions prior to 2.5.548.2 executes programs at various full pathnames without first making ownership and permission checks. Privilege escalation is possible on a system where the Qualys Agent is running as root and an attacker with local write access to one of the vulnerable pathnames, where that pathname is controlled by a non-root user, installs arbitrary code there. In such situations, an attacker could use the Qualys Cloud Agent to run arbitrary code as the root user.
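The kind of ownership and permission check the description refers to, as an added example (not Qualys code): before a root process executes a full pathname, the binary and every directory above it should be owned by a trusted user and not writable by anyone else. The function names `path_findings` and `safe_to_exec` and the default trusted UID of 0 are assumptions made for illustration.

```python
import os
import stat

def _ancestors(path):
    """Yield path, then each parent directory up to the filesystem root."""
    while True:
        yield path
        parent = os.path.dirname(path)
        if parent == path:
            return
        path = parent

def path_findings(path, trusted_uids=frozenset({0})):
    """Return (component, reason) pairs showing where a user outside
    trusted_uids could plant or replace what `path` executes."""
    # Check the path as written and its symlink-resolved target: a redirect
    # through a writable directory is as dangerous as a writable binary.
    components = set(_ancestors(os.path.abspath(path)))
    components |= set(_ancestors(os.path.realpath(path)))
    findings = []
    for comp in sorted(components):
        try:
            st = os.lstat(comp)
        except (FileNotFoundError, NotADirectoryError):
            findings.append((comp, "does not exist"))
            continue
        if stat.S_ISLNK(st.st_mode):
            # A symlink's own mode bits carry no meaning on Linux; the
            # directory holding it is checked as a separate component.
            continue
        if st.st_uid not in trusted_uids:
            findings.append((comp, f"owned by uid {st.st_uid}"))
        # Assumption: any group or other write bit is treated as unsafe,
        # including sticky directories such as /tmp (conservative).
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((comp, "group- or world-writable"))
    return findings

def safe_to_exec(path, trusted_uids=frozenset({0})):
    """True only when no component of the path has a finding."""
    return not path_findings(path, trusted_uids)
```

Checking the parent directories as well as the file matters because a check on the file alone can be defeated by swapping the file between the check and the exec; when no untrusted user can write anywhere along the path, that swap is not available to them.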

Solution

No action required by customers. Enterprise TruRisk Platform updated across all regions effective immediately.

Affected Products

Qualys Cloud Agent for Linux with manifest versions prior to 2.5.548.2.

Severity Considerations

Qualys assesses the attack complexity for this vulnerability as high because it requires local system access by an attacker and the ability to write malicious files to user system paths. This lowers the overall severity score from High to Medium.

Acknowledgments

Unqork Security Team (Justin Borland, Daniel Wood, David Heise, Bryan Li)
