CVE-2019-5631

Summary

The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM). This issue affects version 2019.06.24 and prior versions of the product.

Affected Software

VendorProductVersion RangeStatus
Rapid7InsightAppSec2019.06.24 <= 2019.06.24affected

Weaknesses

  • CWE-427: CWE-427: Uncontrolled Search Path Element

Workarounds

If the patching update (2019.07.08 and above) cannot be applied, system administrators of machines running Rapid7 InsightAppSec should not grant local logon privileges to untrusted users.

ADP Enrichment

CVE Program Container

Additional References

References