Tenable has released patches for three critical vulnerabilities in Nessus Agent for Windows that could allow privilege escalation, file deletion, and arbitrary code execution. Users are urged to update to version 10.8.5 to mitigate potential exploitation risks. #CVEs2025 #NessusAgent #PrivilegeEscalation
Keypoints
- Three high-severity vulnerabilities were identified in Nessus Agent for Windows.
- These flaws could enable non-administrative users to overwrite files, delete files, or execute code with System privileges.
- The vulnerabilities are tracked as CVE-2025-36631, CVE-2025-36632, and CVE-2025-36633.
- Updates have been released in Nessus Agent version 10.8.5 to fix these security issues.
- Tenable has not reported any evidence of these vulnerabilities being exploited in the wild.
Read More: https://www.securityweek.com/high-severity-vulnerabilities-patched-in-tenable-nessus-agent/