
Rapid7 Insight Agent allows attackers to gain SYSTEM level control on Windows

CVE-2026-6482
Summary

The Rapid7 Insight Agent on Windows is vulnerable to local privilege escalation. At startup the agent service, which runs as SYSTEM, tries to load an OpenSSL configuration file from a directory that does not exist and that a standard user is able to create. A local, unprivileged user who creates that directory and plants a crafted openssl.cnf in it can make the service execute arbitrary commands with SYSTEM privileges, a full compromise of the host. The attacker needs a local foothold first (an account or code execution as a standard user); no remote vector is described. The remediation stated here is to update the Insight Agent to version 4.1.0.2 or later. The original description, however, says "versions > 4.1.0.2" are affected, which contradicts that remediation; confirm the affected range against Rapid7's own advisory before deciding which hosts still need attention. Where patching is delayed, pre-creating the probed directory with an ACL that only SYSTEM and Administrators can write removes the planting opportunity, and the appearance of an openssl.cnf in a non-standard location on an agent host is worth alerting on.

Original description
The Rapid7 Insight Agent (versions > 4.1.0.2) is vulnerable to a local privilege escalation attack that allows users to gain SYSTEM level control of a Windows host. Upon startup the agent service attempts to load an OpenSSL configuration file from a non-existent directory that is writable by standard users. By planting a crafted openssl.cnf file an attacker can trick the high-privilege service into executing arbitrary commands. This effectively permits an unprivileged user to bypass security controls and achieve a full host compromise under the agent’s SYSTEM level access.
NVD CVSS 4.0 base score: 8.5
Vulnerability type
CWE-829 (Inclusion of Functionality from Untrusted Control Sphere)
Published: 17 Apr 2026 · Updated: 17 Apr 2026 · First seen: 17 Apr 2026
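The description above gives the condition that makes this class of bug exploitable: a privileged service probes a configuration path whose missing parent directory a standard user can create. The following PowerShell script is an added check, not Rapid7's code and not taken from the advisory. It takes the openssl.cnf path the service probes (the default value is a hypothetical placeholder; the real path is not given on this page and should be recovered with Process Monitor by filtering the service process for CreateFile results of NAME NOT FOUND), walks up to the deepest ancestor that exists, reports which ACEs on that ancestor would let a broad principal create the missing chain, and, if an openssl.cnf is already present, lists the directives that make OpenSSL load code from an attacker-chosen path (engine `dynamic_path`, provider `module`, `.include`) together with the file's owner.

```powershell
<#
Added example, not Rapid7's code. Given the openssl.cnf path a SYSTEM service
probes on startup, report (1) which ancestor directories are missing, (2)
whether a low-privilege principal could create them, and (3) if the file is
already present, whether it contains module-loading directives and who owns it.
The default -ConfigPath is a hypothetical placeholder, not the real path.
#>
param(
    [string]$ConfigPath = 'C:\hypothetical\ssl\openssl.cnf'
)

# Principals that every local user is a member of (or that a standard user can
# normally act as). Add site-specific groups if your hosts grant them broadly.
$broadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)
# Rights that allow adding a subdirectory or file at this level.
$createMask = [System.Security.AccessControl.FileSystemRights]'CreateDirectories, CreateFiles, Write, Modify, FullControl'

# 1. Walk up from the file's directory to the deepest ancestor that exists.
$missing  = New-Object System.Collections.Generic.List[string]
$existing = Split-Path -Parent $ConfigPath
while ($existing -and -not (Test-Path -LiteralPath $existing -PathType Container)) {
    $missing.Insert(0, $existing)            # keep top-down order
    $existing = Split-Path -Parent $existing
}
if (-not $existing) {
    throw "No existing ancestor directory found for $ConfigPath"
}

# 2. Which Allow ACEs on that ancestor let a broad principal create the missing
#    chain? Inherit-only ACEs do not apply to the folder itself and are skipped.
#    Raw generic rights (e.g. GENERIC_ALL as an unnamed mask) are not expanded,
#    so a clean result is a first pass, not proof of safety.
$acl         = Get-Acl -LiteralPath $existing
$inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
$plantable   = @($acl.Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and
    ($broadPrincipals -contains $_.IdentityReference.Value) -and
    (([int]$_.PropagationFlags -band $inheritOnly) -eq 0) -and
    (([int]$_.FileSystemRights -band [int]$createMask) -ne 0)
})

# 3. If an openssl.cnf is already there, record its owner and any line that
#    pulls in another file or loads an engine/provider module from a path.
$suspicious = @()
$owner      = $null
if (Test-Path -LiteralPath $ConfigPath -PathType Leaf) {
    $owner   = (Get-Acl -LiteralPath $ConfigPath).Owner
    $pattern = '^\s*(\.include\b|dynamic_path\s*=|module\s*=|engines\s*=|providers\s*=)'
    $suspicious = @(Select-String -LiteralPath $ConfigPath -Pattern $pattern |
        ForEach-Object { '{0}: {1}' -f $_.LineNumber, $_.Line.Trim() })
}

[pscustomobject]@{
    ConfigPath         = $ConfigPath
    DeepestExistingDir = $existing
    MissingDirectories = @($missing)
    PlantableBy        = @($plantable | ForEach-Object {
                             '{0} ({1})' -f $_.IdentityReference.Value, $_.FileSystemRights })
    ConfigPresent      = ($null -ne $owner)
    ConfigOwner        = $owner
    SuspiciousLines    = $suspicious
}
```

Run it as an administrator on an agent host with the real probed path, for example `.\Test-OpensslCnfPlant.ps1 -ConfigPath 'C:\<path the service probes>\openssl.cnf'`. A non-empty `PlantableBy` with a non-empty `MissingDirectories` is the vulnerable condition the advisory describes; `ConfigPresent` true with an owner that is not SYSTEM or Administrators, or any `SuspiciousLines`, is an indicator that someone has already planted a file. After patching, the same script doubles as verification: either the service no longer probes the path, or the pre-created directory shows no plantable ACE.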