Tenable Nessus Agent
7 CVEs affecting Tenable Nessus Agent. Latest disclosed: 2026-01-13. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-36640 | High | 8.8 | 2026-01-13 | A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileg… |
CVE-2024-3292 | High | 8.2 | 2024-05-17 | A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus Agent host could modify installation parameters at installatio… |
CVE-2025-24915 | High | 7.8 | 2025-03-21 | When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-dire… |
CVE-2024-3291 | High | 7.8 | 2024-05-17 | When installing Nessus Agent to a directory outside of the default location on a Windows host, Nessus Agent versions prior to 10.6.4 did not enforce secure per… |
CVE-2024-2390 | High | 7.8 | 2024-03-18 | As a part of Tenable’s vulnerability disclosure program, a vulnerability in a Nessus plugin was identified and reported. This vulnerability could allow a mali… |
CVE-2023-6178 | Medium | 6.8 | 2023-11-20 | An arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to… |
CVE-2023-5847 | Medium | 6.7 | 2023-11-01 | Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and L… |