CVE-2025-36632

High CVSS: 7.8

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute code with SYSTEM privilege.

Vendor

Product

CWE

Yayın Tarihi

2025-06-16 14:15:21

Güncelleme

2025-10-21 20:19:43

Source Identifier

vulnreport@tenable.com

KEV Date Added

CWE-276 Nessus Agent HIGH Tenable 2025

https://www.tenable.com/security/tns-2025-11

Medium

CVE-2026-2698

An improper access control vulnerability exists where an authenticated user could access areas outside of their authoriz…

Medium

CVE-2026-2697

An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges vi…

Medium

CVE-2026-2026

A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could all…

High

CVE-2025-36630

In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrit…

High

CVE-2025-36633

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrari…

High

CVE-2025-36631

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite…