FortiClient Vulnerability

JCI Internal Reporting Insight Agent CVE-2019-5629 Privilege Escalation Vulnerability

Description

Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent 2.6.3 and prior starts, the Python interpreter attempts to load python3.dll at \"C:\\DLLs\\python3.dll,\" which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent\'s startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 2.6.4.

Affected Applications

Insight Agent

CVE References

CVE-2019-5629

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=cve-2019-5629

ID	2263
Created	Jul 14, 2021
Description Updated	Oct 26, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	JCI Internal Reporting
Patch	manual
Application	Insight Agent

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

JCI Internal Reporting Insight Agent CVE-2019-5629 Privilege Escalation Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

JCI Internal Reporting Insight Agent CVE-2019-5629 Privilege Escalation Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center