CVE-2019-5629
Rapid7 Windows InsightIDR Agent 2.6.3.14 Local Privilege Escalation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent's startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 2.6.4.
Insight Agent de Rapid7, versión 2.6.3 y anteriores, sufre de una escalada de privilegios locales debido a una ruta (path) de búsqueda de DLL no controlada. Específicamente, durante el inicio de Insight Agent versión 2.6.3 y anteriores, el intérprete de Python intenta cargar python3.dll en "C:\DLLs\python3.dll", que comúnmente es escribible por usuarios autenticados localmente. Debido a esto, un usuario local malicioso podría usar las condiciones de inicio de Insight Agent para elevar los privilegios a SYSTEM. Este problema fue solucionado en Rapid7 Insight Agent versión 2.6.4.
Rapid7 Windows InsightIDR Agent version 2.6.3.14 suffers from a local privilege escalation vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-07 CVE Reserved
- 2019-06-03 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-427: Uncontrolled Search Path Element
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://packetstormsecurity.com/files/153159/Rapid7-Windows-InsightIDR-Agent-2.6.3.14-Local-Privilege-Escalation.html | Third Party Advisory | |
http://seclists.org/fulldisclosure/2019/Jun/13 | Mailing List | |
https://help.rapid7.com/insightagent/release-notes/archive/2019/05/#20190529 | Third Party Advisory | |
https://seclists.org/bugtraq/2019/Jun/0 | Issue Tracking |
URL | Date | SRC |
---|---|---|
https://bogner.sh/2019/06/local-privilege-escalation-in-rapid7s-windows-insight-idr-agent | 2024-09-16 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Rapid7 Search vendor "Rapid7" | Insight Agent Search vendor "Rapid7" for product "Insight Agent" | <= 2.6.3 Search vendor "Rapid7" for product "Insight Agent" and version " <= 2.6.3" | - |
Affected
|