CVE-2025-36633

High CVSS: 8.8

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation.

Vendor

Tenable

Product

Nessus Agent

CWE

CWE-269

Yayın Tarihi

2025-06-13 15:15:20

Güncelleme

2025-10-23 16:00:44

Source Identifier

vulnreport@tenable.com

KEV Date Added

Kategoriler

CWE-269 Nessus Agent HIGH Tenable 2025

Referanslar

https://www.tenable.com/security/tns-2025-11

Benzer Kayıtlar

Medium

CVE-2026-2698

An improper access control vulnerability exists where an authenticated user could access areas outside of their authoriz…

Medium

CVE-2026-2697

An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges vi…

Medium

CVE-2026-2026

A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could all…

High

CVE-2025-36630

In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrit…

High

CVE-2025-36632

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute c…

High

CVE-2025-36631

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite…