{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4482", "assignerOrgId": "9974b330-7714-4307-a722-5648477acda7", "state": "PUBLISHED", "assignerShortName": "rapid7", "dateReserved": "2026-03-20T05:21:38.041Z", "datePublished": "2026-04-10T04:22:38.719Z", "dateUpdated": "2026-04-10T04:22:38.719Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9974b330-7714-4307-a722-5648477acda7", "shortName": "rapid7", "dateUpdated": "2026-04-10T04:22:38.719Z"}, "title": "Insight Agent Private Key Information Disclosure via Inherited File Permissions", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "type": "CWE"}]}], "affected": [{"vendor": "Rapid7", "product": "Insight Agent", "platforms": ["Windows"], "modules": ["ir_agent"], "versions": [{"status": "affected", "version": "0", "lessThan": "4.1.0.2", "changes": [{"at": "4.1.0.2", "status": "unaffected"}], "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The installer certificate files in the \u2026/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users have read and execute access). For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any locally authenticated standard user.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "The installer certificate files in the <code>\u2026/bootstrap/common/ssl</code> folder do not seem to have restricted permissions on Windows systems (users have read and execute access). For the <code>client.key</code> file in particular, this could potentially lead to exploits, as this exposes agent identity material to any locally authenticated standard user."}]}], "references": [{"url": "https://docs.rapid7.com/insight/release-notes-2026-april/#improvements-and-fixes"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "LOW", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:L/SA:L"}}], "credits": [{"lang": "en", "value": "Peter Gabaldon @ ITRESIT (https://itresit.es/en/home-en/)", "type": "reporter"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The installer certificate files in the \u2026/bootstrap/common/ssl folder do not seem to have restricted permissions on Windows systems (users have read and execute access). For the client.key file in particular, this could potentially lead to exploits, as this exposes agent identity material to any locally authenticated standard user."}], "id": "CVE-2026-4482", "lastModified": "2026-04-10T05:16:04.587", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cve@rapid7.com", "type": "Secondary"}]}, "published": "2026-04-10T05:16:04.587", "references": [{"source": "cve@rapid7.com", "url": "https://docs.rapid7.com/insight/release-notes-2026-april/#improvements-and-fixes"}], "sourceIdentifier": "cve@rapid7.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "cve@rapid7.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": ["windows"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,4.1.0.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Insight Agent", "source": "cna", "vendor": "Rapid7"}, "product": "insight_agent", "vendor": "rapid7"}], "analysis": {"en": {"generated_at": "2026-04-10T05:51:12.953943+00:00", "value": {"mitigation_remediation": ["Update Rapid7 Insight Agent to the latest release that includes corrected file permissions.", "Verify that the bootstrap/common/ssl directory and its contents are owned by the agent account and have permissions that deny read access to standard users.", "Restrict file permissions manually on existing installations by removing read rights from client.key for non\u2011agent users.", "Monitor for any abnormal access or use of the agent\u2019s private key in logs."], "summary": {"action": "Apply Update", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "The flaw affects Rapid7 Insight Agent running on Windows systems. No specific product versions are listed in the advisory, so all installations of the agent that use the default installer permissions are potentially vulnerable.", "description_and_impact": "A vulnerability in the Rapid7 Insight Agent installer allows local Windows users to read the client.key file located in the bootstrap/common/ssl directory, exposing the agent's private key material. This information disclosure could enable an attacker to impersonate the agent or masquerade as an authorized entity, potentially leading to unauthorized access or data compromise. The weak file permissions represent a flaw in access control management, identified as CWE\u2011732.", "risk_and_exploitability": "The CVSS v3 score of 6.8 indicates moderate severity, and the lack of documented exploits or known public exploits reduces the immediate risk. However, the vulnerability is locally exploitable by any authenticated standard user, meaning that a user with normal access rights can read the private key. The EPSS score is not provided and the vulnerability is not listed in CISA\u2019s KEV catalog, suggesting it is not widely exploited yet. Because the attack requires only local file permission errors, it is relatively easy to exploit and could be leveraged to compromise the integrity and confidentiality of the system."}}}}, "created": "2026-04-10T08:35:45.699665+00:00", "updated": "2026-04-10T09:26:47.265956+00:00", "vendors": ["rapid7", "rapid7$PRODUCT$insight_agent"]}