CVE-2019-5631: Rapid7 InsightAppSec Local Privilege Escalation
First published: Mon Aug 19 2019(Updated: )
The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges with this vulnerability to the privilege level of InsightAppSec (usually, SYSTEM). This issue affects version 2019.06.24 and prior versions of the product.
Credit: cve@rapid7.con
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Rapid7 InsightAppSec | <=2019.06.24 |
Remedy
Users should update Rapid7 InsightAppSec to version 2019.07.08 or later.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-5631?
CVE-2019-5631 is a DLL injection vulnerability in the 'prunsrv.exe' component of Rapid7 InsightAppSec broker, which allows a local user to elevate their privileges.
Who is affected by CVE-2019-5631?
Rapid7 InsightAppSec versions up to and including 2019.06.24 are affected by CVE-2019-5631.
How severe is CVE-2019-5631?
CVE-2019-5631 has a severity rating of 7.8 (Critical).
How can CVE-2019-5631 be exploited?
CVE-2019-5631 can be exploited by a local user of the system who is already authenticated to the operating system.
Is there a fix for CVE-2019-5631?
Rapid7 has released a fix for CVE-2019-5631. It is recommended to update to the latest version of Rapid7 InsightAppSec to mitigate this vulnerability.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/title
- agent/references
- agent/remedy
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- vendor/rapid7
- canonical/rapid7 insightappsec
- version/rapid7 insightappsec/2019.06.24