Tenable | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope.

An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter.

A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service (DoS) attacks.

In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute code with SYSTEM privilege.

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation.

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.

In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM privileges, potentially leading to local privilege es…

When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if…