QwikSec

Security Database

CVE

CWE

Training

CVE-2019-5629

Published: Jul 13, 2019

Modified: Sep 16, 2024

PUBLISHED

CVSS v3.0

7.8

HIGH

Description

Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent's startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 2.6.4.

Vendor	Product	Versions
Rapid7	Insight Agent	affected `2.6.3 and prior`

Weaknesses (CWE)

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

20190603 Rapid7's Windows InsightIDR Agent: Local Privilege Escalation

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/153159/Rapid7-Windows-InsightIDR-Agent-2.6.3.14-Local-Privilege-Escalation.html

x_refsource_MISC

20190611 Rapid7's Windows InsightIDR Agent: Local Privilege Escalation

mailing-list

x_refsource_FULLDISC

https://help.rapid7.com/insightagent/release-notes/archive/2019/05/#20190529

x_refsource_CONFIRM

https://bogner.sh/2019/06/local-privilege-escalation-in-rapid7s-windows-insight-idr-agent/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.