CVE-2026-7373
Last updated May 15, 2026 · Published May 15, 2026
Description
Rapid7 Metasploit Pro is vulnerable to a local privilege escalation that allows a standard user to gain SYSTEM-level control of a Windows host. On startup, the metasploitPostgreSQL service launches postgres.exe, which attempts to load an OpenSSL configuration file (openssl.cnf) from a directory that does not exist and whose path a standard user is permitted to create. By creating that directory and planting a crafted openssl.cnf in it, an attacker can make the high-privilege process execute arbitrary commands when the service next starts. An unprivileged user can thereby bypass security controls and achieve full host compromise under the service's SYSTEM-level access.
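The condition the description relies on (a missing OpenSSL config directory under a location standard users can write to) is straightforward to audit on a host. The script below is an added example written for this page, not Rapid7's or Metasploit's own code. It assumes the service name metasploitPostgreSQL as given in the description, and it expects the operator to supply the OPENSSLDIR value that the OpenSSL build linked into postgres.exe uses (as printed by `openssl version -d` for that build, or the OPENSSL_CONF environment variable if the service sets one); that path is not stated on this page and is therefore a parameter rather than a hard-coded value. The script resolves the first existing ancestor of that path and reports any Allow ACE that lets broad principals (Users, Authenticated Users, Everyone, INTERACTIVE) create a subdirectory there.

```powershell
# Added example (not Rapid7's or Metasploit's own code). Checks whether the
# OpenSSL configuration directory used by a Windows service is missing and
# whether a standard user could create it and plant openssl.cnf inside it.
#
# Assumptions (not from the advisory): the service name below as named in the
# description, and $OpenSslDir supplied by the operator from `openssl version -d`
# of the OpenSSL build postgres.exe links against (or from OPENSSL_CONF if set).
param(
    [string]$ServiceName = 'metasploitPostgreSQL',
    [Parameter(Mandatory = $true)][string]$OpenSslDir
)

# Rights that allow creating a child directory or writing into a directory,
# plus the generic rights (GENERIC_WRITE, GENERIC_ALL) some ACEs carry instead.
$CreateBits = [int][System.Security.AccessControl.FileSystemRights]::CreateDirectories -bor
              [int][System.Security.AccessControl.FileSystemRights]::Write -bor
              0x40000000 -bor 0x10000000
$BroadPrincipals = @('BUILTIN\Users', 'NT AUTHORITY\Authenticated Users',
                     'Everyone', 'NT AUTHORITY\INTERACTIVE')

function Get-FirstExistingAncestor {
    # Walk up from $Path until a directory that actually exists is found.
    # That is the directory whose ACL decides whether the missing path can be created.
    param([string]$Path)
    $current = $Path
    while (-not (Test-Path -LiteralPath $current -PathType Container)) {
        $parent = Split-Path -Path $current -Parent
        if ([string]::IsNullOrEmpty($parent) -or $parent -eq $current) { return $null }
        $current = $parent
    }
    return $current
}

function Get-BroadWriteAces {
    # Allow ACEs granting create/write rights to broad principals on $Dir.
    # Heuristic only: ignores Deny ACEs and nested group membership; a definitive
    # answer needs an access check performed in the standard user's own context.
    param([string]$Dir)
    (Get-Acl -LiteralPath $Dir).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $BroadPrincipals -contains $_.IdentityReference.Value -and
        (([int]$_.FileSystemRights) -band $CreateBits) -ne 0
    }
}

$svc = Get-CimInstance Win32_Service -Filter "Name='$ServiceName'"
if ($null -eq $svc) { Write-Warning "Service '$ServiceName' not found"; return }
"Service   : $($svc.Name) running as $($svc.StartName) ($($svc.State))"
"Binary    : $($svc.PathName)"
"OPENSSLDIR: $OpenSslDir"

$cnf = Join-Path $OpenSslDir 'openssl.cnf'
if (Test-Path -LiteralPath $cnf -PathType Leaf) {
    # A config file is already present: confirm it is the expected file and owner.
    "openssl.cnf exists, owner: $((Get-Acl -LiteralPath $cnf).Owner) (verify it is the expected file)"
    return
}

if (Test-Path -LiteralPath $OpenSslDir -PathType Container) {
    $anchor = $OpenSslDir
    "Config dir exists but holds no openssl.cnf; checking its own ACL"
} else {
    $anchor = Get-FirstExistingAncestor -Path $OpenSslDir
    if ($null -eq $anchor) { "No existing ancestor for $OpenSslDir (unmounted drive?)"; return }
    "Config dir missing; first existing ancestor: $anchor"
}

$aces = @(Get-BroadWriteAces -Dir $anchor)
if ($aces.Count -gt 0) {
    "EXPOSED: a standard user can plant openssl.cnf at '$cnf' via rights on '$anchor':"
    $aces | Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize
} else {
    "OK: no broad create/write rights on '$anchor'"
}
```

Run it from an elevated PowerShell session so Get-Acl can read the ACLs and Win32_Service returns the service account. The page does not describe Rapid7's fix; as general hardening for any SYSTEM service with this pattern, pre-creating the configuration directory (and an openssl.cnf in it) with an ACL that grants write access only to Administrators and SYSTEM removes the planting opportunity, as does pointing the service's OPENSSL_CONF at an administrator-owned file.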
Affected products
1 listed:
- Rapid7: Metasploit Pro
Mappings
CWE
CAPEC
None listed.
CVE® content © MITRE Corporation. Licensed under the CVE Terms of Use.
