
Privilege Escalation Vulnerability Found in Rapid7 InsightIDR


An easy-to-exploit local privilege escalation vulnerability has been found and patched in Rapid7’s InsightIDR intruder analytics solution, a researcher revealed on Monday. Because the vulnerability is locally exploitable, an attacker needs non-administrator access to the targeted system; the flaw can then be exploited to obtain full SYSTEM-level access to the device.

The security hole, tracked as CVE-2019-5629, is related to ir_agent, a Windows service associated with InsightIDR. In a proof-of-concept (PoC) exploit he developed, the researcher created a malicious DLL file that adds a new admin user to the operating system, giving the attacker a new administrator account that could be used to gain full control of the system.

“As a provider of security software, services, and research, we take security issues very seriously and recognize the importance of privacy, security, and community outreach. We greatly appreciate the efforts of security researchers and discoverers who share information on security issues with us, giving us a chance to improve our products and services, and better protect our customers,” it added.
