Platform
other
Component
rapid7-insightvm
Fixed in
8.34.0
CVE-2026-1568 describes a critical signature verification vulnerability within Rapid7 InsightVM versions prior to 8.34.0. This flaw resides in the Assertion Consumer Service (ACS) cloud endpoint and allows attackers to bypass authentication checks. Successful exploitation can lead to unauthorized access and complete account takeover, potentially compromising sensitive security data and configurations. Upgrade to InsightVM version 8.34.0 to resolve this issue.
The impact of CVE-2026-1568 is severe, enabling an attacker to achieve full account takeover of Rapid7 InsightVM instances. This means an attacker could gain complete control over the security console, potentially modifying security policies, accessing sensitive data like vulnerability scan results and asset inventories, and even launching further attacks against the network. The vulnerability’s reliance on unsigned assertions makes it particularly concerning, as it bypasses a fundamental security control. This could be leveraged to pivot to other systems within the network, especially if the InsightVM console has elevated privileges or access to critical infrastructure. The ability to modify security policies could also lead to a denial of service or further compromise of the environment.
CVE-2026-1568 was publicly disclosed on 2026-02-03. The vulnerability's critical severity and potential for full account takeover suggest a high probability of exploitation. While no public proof-of-concept (POC) code has been released as of this writing, the ease of exploitation (bypassing signature verification) makes it a likely target for attackers. It is recommended to monitor security advisories and threat intelligence feeds for any indications of active exploitation.
Exploit Status
EPSS
0.02% (5% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-1568 is to immediately upgrade Rapid7 InsightVM to version 8.34.0 or later. If an immediate upgrade is not feasible due to compatibility concerns or testing requirements, Rapid7 recommends reviewing the ACS configuration and ensuring that all assertions are properly signed and verified. While a direct workaround is not available, implementing stricter access controls and multi-factor authentication (MFA) on the InsightVM console can help limit the potential damage if the vulnerability is exploited. After upgrading, confirm the fix by attempting to submit an unsigned assertion to the ACS endpoint and verifying that it is rejected.
Actualice Rapid7 InsightVM a la versión 8.34.0 o posterior. Esta versión corrige la vulnerabilidad de validación de firmas en el endpoint de la nube ACS, previniendo el acceso no autorizado a cuentas.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-1568 is a critical vulnerability in Rapid7 InsightVM versions before 8.34.0 that allows attackers to bypass signature verification and gain full account takeover.
If you are using Rapid7 InsightVM versions 0–8.34.0, you are affected by this vulnerability and should upgrade immediately.
Upgrade to Rapid7 InsightVM version 8.34.0 or later to resolve this vulnerability. Review ACS configuration and implement stricter access controls.
While no public exploit is currently available, the vulnerability's severity and ease of exploitation suggest a high probability of active exploitation.
Refer to the official Rapid7 security advisory for CVE-2026-1568 on the Rapid7 website for detailed information and guidance.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.