Description
The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users have read and execute access). For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any locally authenticated standard user.
Published: 2026-04-10
Score: 6.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Apply Update
AI Analysis

Impact

A vulnerability in the Rapid7 Insight Agent installer allows local Windows users to read the client.key file located in the bootstrap/common/ssl directory, exposing the agent's private key material. This information disclosure could enable an attacker to impersonate the agent or masquerade as an authorized entity, potentially leading to unauthorized access or data compromise. The weak file permissions represent a flaw in access control management, identified as CWE‑732.

Affected Systems

The flaw affects Rapid7 Insight Agent running on Windows systems. No specific product versions are listed in the advisory, so all installations of the agent that use the default installer permissions are potentially vulnerable.

Risk and Exploitability

The CVSS v3 score of 6.8 indicates moderate severity, and the lack of documented exploits or known public exploits reduces the immediate risk. However, the vulnerability is locally exploitable by any authenticated standard user, meaning that a user with normal access rights can read the private key. The EPSS score is not provided and the vulnerability is not listed in CISA’s KEV catalog, suggesting it is not widely exploited yet. Because the attack requires only local file permission errors, it is relatively easy to exploit and could be leveraged to compromise the integrity and confidentiality of the system.

Generated by OpenCVE AI on April 10, 2026 at 05:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Rapid7 Insight Agent to the latest release that includes corrected file permissions.
  • Verify that the bootstrap/common/ssl directory and its contents are owned by the agent account and have permissions that deny read access to standard users.
  • Restrict file permissions manually on existing installations by removing read rights from client.key for non‑agent users.
  • Monitor for any abnormal access or use of the agent’s private key in logs.

Generated by OpenCVE AI on April 10, 2026 at 05:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 10 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Rapid7
Rapid7 insight Agent
Vendors & Products Rapid7
Rapid7 insight Agent

Fri, 10 Apr 2026 04:45:00 +0000

Type Values Removed Values Added
Description The installer certificate files in the …/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users have read and execute access). For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any locally authenticated standard user.
Title Insight Agent Private Key Information Disclosure via Inherited File Permissions
Weaknesses CWE-732
References
Metrics cvssV4_0

{'score': 6.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:L/SA:L'}

Subscriptions

Rapid7 Insight Agent
cve-icon MITRE

Status: PUBLISHED

Assigner: rapid7

Published:

Updated: 2026-04-10T15:33:30.608Z

Reserved: 2026-03-20T05:21:38.041Z

Link: CVE-2026-4482

cve-icon Vulnrichment

Updated: 2026-04-10T15:33:21.457Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-10T05:16:04.587

Modified: 2026-04-13T15:02:06.187

Link: CVE-2026-4482

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:26:47Z

Weaknesses