Unrated severityNVD Advisory· Published Jul 13, 2019· Updated Sep 16, 2024
CVE-2019-5629
CVE-2019-5629
Description
Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent's startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 2.6.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=2.6.3+ 1 more
- (no CPE)range: <=2.6.3
- (no CPE)range: 2.6.3 and prior
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/153159/Rapid7-Windows-InsightIDR-Agent-2.6.3.14-Local-Privilege-Escalation.htmlmitrex_refsource_MISC
- seclists.org/fulldisclosure/2019/Jun/13mitremailing-listx_refsource_FULLDISC
- bogner.sh/2019/06/local-privilege-escalation-in-rapid7s-windows-insight-idr-agent/mitrex_refsource_MISC
- help.rapid7.com/insightagent/release-notes/archive/2019/05/mitrex_refsource_CONFIRM
- seclists.org/bugtraq/2019/Jun/0mitremailing-listx_refsource_BUGTRAQ
News mentions
0No linked articles in our index yet.