N2Dez

**Name of the Vulnerable Software and Affected Versions** Rapid7 Insight Agent versions 3.1.2.38 and earlier **Description** The issue allows an attacker to hijack the flow of execution due to an unquoted argument to the `runas.exe` command used by the `ir agent.exe` component, resulting in elevated rights and persistent access to the machine. **Recommendations** For Rapid7 Insight Agent versions 3.1.2.38 and earlier, update to version 3.1.3.80 to resolve the issue.