Rapid7 Vulnerability & Exploit Database

Rapid7 Insight Agent: CVE-2017-5252: Insight Agent on Windows is vulnerable to loading malicious libraries placed in its dependency search path

Back to Search

Rapid7 Insight Agent: CVE-2017-5252: Insight Agent on Windows is vulnerable to loading malicious libraries placed in its dependency search path

Severity
6
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
10/06/2017
Created
07/25/2018
Added
10/06/2017
Modified
01/03/2019

Description

Insight Agent on Windows systems searches for local dependencies in several locations, including in directories in the system PATH variable. As this can include arbitrary directories, and the Agent doesn't specify the directories to search, an attacker with local admin access could place a (potentially malicious) DLL in a directory in that path, causing the Agent to load that library.

Solution(s)

  • rapid7-insightagent-1_4_68-kb2533623
  • rapid7-insightagent-1_4_68

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;