CVE-2022-0237
Rapid7 Insight Agent Privilege Escalation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine. This issue was fixed in Rapid7 Insight Agent version 3.1.3.80.
Rapid7 Insight Agent versiones 3.1.2.38 y anteriores, sufren una vulnerabilidad de escalada de privilegios, por la que un atacante puede secuestrar el flujo de ejecución debido a un argumento no citado en el comando runas.exe usado por el componente ir_agent.exe, resultando en derechos elevados y a un acceso persistente a la máquina. Este problema es corregido en Rapid7 Insight Agent versión 3.1.3.80
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-01-14 CVE Reserved
- 2022-03-17 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-428: Unquoted Search Path or Element
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://gist.github.com/n2dez/05d43c616f2b403e84ee55d4d7aab251 | 2024-09-16 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://docs.rapid7.com/release-notes/insightagent/20220225 | 2022-03-24 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Rapid7 Search vendor "Rapid7" | Insight Agent Search vendor "Rapid7" for product "Insight Agent" | <= 3.1.2.38 Search vendor "Rapid7" for product "Insight Agent" and version " <= 3.1.2.38" | - |
Affected
|