Ryan Schachtschneider

**Name of the Vulnerable Software and Affected Versions** Rapid7 Platform (affected versions not specified) **Description** A key used in logging.json does not follow the least privilege principle by default and is exposed to local users in the Rapid7 Platform. This allows an attacker with local access to a machine with the logging.json file to use that key to authenticate to the platform with high privileges. The issue was fixed in the Rapid7 platform starting 3 April 2024 via the introduction of a restricted role and the removal of automatic API key generation on installation of an agent. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Rapid7 Insight Agent versions 3.1.2.38 and earlier **Description** The issue allows an attacker to hijack the flow of execution due to an unquoted argument to the `runas.exe` command used by the `ir agent.exe` component, resulting in elevated rights and persistent access to the machine. **Recommendations** For Rapid7 Insight Agent versions 3.1.2.38 and earlier, update to version 3.1.3.80 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Zscaler Client Connector versions prior to 2.1.2.150 **Description** The issue allows a local adversary to execute code with system privileges due to the Zscaler Client Connector not quoting the search path for services. **Recommendations** For versions prior to 2.1.2.150, update to version 2.1.2.150 or later to resolve the issue. As a temporary workaround, consider restricting access to system privileges to minimize the risk of exploitation.