Primary

Context

IBM Trusteer Rapport Installer Uncontrolled Search Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability in the IBM Trusteer Rapport installer version 3.5.2309.290 allows local attackers to execute arbitrary code on the system. This issue arises from a DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code on the affected system.

Remediation

IBM has released an updated installer version 3.5.2504.127, which is available through all public download links. Users should download the installer from official IBM sources to receive the secure version. Existing IBM Trusteer Rapport users do not need to update their installed product, as the vulnerability affects only the installer.

Added: Mar 10, 2026, 8:57 PM

Updated: Mar 10, 2026, 8:57 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

2.9

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

2.9

remediation

0.0

relevance

3.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Trusteer Rapport Installer Uncontrolled Search Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating