IBM Trusteer Rapport 3.5.2309.290 DLL Search Path Vulnerability Allows Local Code Execution
CVE-2026-2713 Published on March 10, 2026
IBM Trusteer Rapport installer affected by uncontrolled search path element vulnerability
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Vulnerability Analysis
CVE-2026-2713 can be exploited with local system access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a DLL preloading Vulnerability?
The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
CVE-2026-2713 has been classified to as a DLL preloading vulnerability or weakness.
Products Associated with CVE-2026-2713
Want to know whenever a new CVE is published for IBM Trusteer Rapport Installer? stack.watch will email you.
