Local Code Execution Vulnerability in IBM Trusteer Rapport Installer
CVE-2026-2713

7.4HIGH

Key Information:

Vendor: IBM
Status: Trusteer Rapport Installer
Vendor: CVE Published:; 10 March 2026

What is CVE-2026-2713?

The IBM Trusteer Rapport installer version 3.5.2309.290 is susceptible to a DLL uncontrolled search path vulnerability. This weakness can be exploited by local attackers, enabling them to place a specially crafted file within a compromised directory. Upon execution of the installer, this could allow the attacker to run arbitrary code on the affected system. Proper security measures and updates are essential to mitigate the risks associated with this vulnerability.

Affected Version(s)

Trusteer Rapport installer 3.5.2309.290

References

https://www.ibm.com/support/pages/node/7263031

vendor-advisorypatch

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2026
Vulnerability Reserved
Feb 18, 2026

CVE-2026-2713 Data

JSON