PT-2022-13056 · Rapid7 · Rapid7 Insight Agent

N2Dez +1 · Published 2022-03-17 · Updated 2022-03-24 · CVE-2022-0237

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Rapid7 Insight Agent versions 3.1.2.38 and earlier

Description: The issue allows an attacker to hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine.

Recommendations: For Rapid7 Insight Agent versions 3.1.2.38 and earlier, update to version 3.1.3.80 to resolve the issue.

Related Identifiers: CVE-2022-0237

Affected Products: Rapid7 Insight Agent