Cyber Resilience

CVE-2026-1568

Critical

Published: 03 February 2026

Modified: 15 April 2026
KEV Added: not listed
Patch: available (8.34.0)
CVSS Score v3.1: 9.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N)
EPSS Score: 0.0014 (3.8th percentile)
Risk Priority: 70 (floored blend · peak EPSS)

Summary

CVE-2026-1568 is a critical-severity Improper Authentication (CWE-287) vulnerability in Rapid7 InsightVM (product inferred from references). Its CVSS v3.1 base score is 9.6 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 3.8th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 IA-2 (Identification and Authentication (Organizational Users)) and SI-2 (Flaw Remediation).

Deeper analysis

Rapid7 InsightVM versions prior to 8.34.0 are affected by CVE-2026-1568, a signature verification vulnerability in the Assertion Consumer Service (ACS) cloud endpoint. The flaw stems from the application processing unsigned SAML assertions and then issuing session cookies that grant access to the targeted user accounts configured via "Security Console" installations. The issue is rated CVSS v3.1 9.6 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N) and maps to CWE-287 (Improper Authentication) and CWE-347 (Improper Verification of Cryptographic Signature).

An attacker with low privileges (PR:L) can exploit this vulnerability over the network (AV:N) with low complexity and no user interaction required. By submitting unsigned assertions to the ACS endpoint, the attacker bypasses authentication, achieving full account takeover of InsightVM accounts. This grants complete access to the compromised user's session and associated resources.

Rapid7 has addressed the vulnerability in InsightVM version 8.34.0. Security practitioners should upgrade to this version or later, as detailed in the release notes at https://docs.rapid7.com/insight/command-platform-release-notes/. No additional mitigations are specified in available advisories.
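As an added, defender-side illustration (not Rapid7 code and not taken from any advisory), the following Python gate shows the check an ACS handler has to apply before issuing a session cookie: every assertion must carry an enveloped signature that references it, and anything unsigned is refused. The SAML samples are constructed, and cryptographic verification of each signature against the IdP certificate is assumed to follow this structural gate.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

class UnsignedAssertion(Exception):
    """An assertion has no enveloped signature that references it."""

def signed_assertion_ids(response_xml: str) -> list[str]:
    """Return the IDs of the assertions in a SAML Response, or raise.
    Each <saml:Assertion> must carry its own <ds:Signature> whose single
    <ds:Reference URI="#..."> names that assertion's ID. Structural gate only:
    cryptographic verification of each signature must still follow.
    """
    root = ET.fromstring(response_xml)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("not a SAML 2.0 Response")
    ids = []
    for assertion in root.findall("saml:Assertion", NS):
        aid = assertion.get("ID")
        sig = assertion.find("ds:Signature", NS)
        if aid is None or sig is None:
            raise UnsignedAssertion(f"assertion {aid!r} is unsigned")
        refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
        if len(refs) != 1 or refs[0].get("URI") != f"#{aid}":
            raise UnsignedAssertion(f"signature does not cover assertion {aid!r}")
        ids.append(aid)
    if not ids:
        raise UnsignedAssertion("response carries no assertion")
    return ids

def acs_may_issue_session(response_xml: str) -> bool:
    """True only if every assertion passed the structural signature gate."""
    try:
        signed_assertion_ids(response_xml)
        return True
    except (UnsignedAssertion, ValueError, ET.ParseError):
        return False

# Constructed samples (hypothetical, not real InsightVM traffic).
HEAD = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
        'xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_r1">')
UNSIGNED = HEAD + '<saml:Assertion ID="_a1"><saml:Subject/></saml:Assertion></samlp:Response>'
SIGNED = HEAD + ('<saml:Assertion ID="_a1"><ds:Signature><ds:SignedInfo>'
                 '<ds:Reference URI="#_a1"/></ds:SignedInfo></ds:Signature>'
                 '<saml:Subject/></saml:Assertion></samlp:Response>')
```

The vulnerable behaviour the advisory describes corresponds to skipping this gate (and the verification that follows it) and issuing the cookie for UNSIGNED anyway.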

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Rapid7 InsightVM versions before 8.34.0 contain a signature verification issue on the Assertion Consumer Service (ACS) cloud endpoint that could allow an attacker to gain unauthorized access to InsightVM accounts set up via "Security Console" installations, resulting in full account takeover. The issue occurs due to the application processing these unsigned assertions and issuing session cookies that granted access to the targeted user accounts. This has been fixed in version 8.34.0 of InsightVM.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

Signature verification bypass in the exposed ACS endpoint directly enables remote exploitation of a public-facing application for authentication bypass and account takeover.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-1044 (shared CWE-287)
CVE-2026-1740 (shared CWE-287)
CVE-2026-7022 (shared CWE-287)
CVE-2023-25574 (shared CWE-347)
CVE-2024-13111 (shared CWE-287)
CVE-2026-29145 (shared CWE-287)
CVE-2026-31946 (shared CWE-287, CWE-347)
CVE-2018-25236 (shared CWE-287)
CVE-2024-53704 (shared CWE-287)
CVE-2026-20997 (shared CWE-347)

Affected Assets

Rapid7 InsightVM (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5) (AI)

prevent: IA-2 (Identification and Authentication (Organizational Users)) requires robust identification and authentication mechanisms, including verification of the cryptographic signature on every SAML assertion, so that unsigned assertions are never processed and cannot yield account access.

prevent: SI-7 (Software, Firmware, and Information Integrity) mandates integrity verification mechanisms, such as cryptographic signature validation on authentication assertions, to block unsigned or tampered data from granting session access.

prevent: SI-2 (Flaw Remediation) ensures timely identification, reporting, and correction of flaws such as this signature verification bypass, here by patching to InsightVM 8.34.0.

References