Nessus Network Monitor
CVE-2025-24916
HIGH
Severity by source
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.
AnalysisAI
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. Rated high severity (CVSS 7.0). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-284. When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. Affected products include: Tenable Nessus Network Monitor. Version information: prior to 6.5.1.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Nessus Network Monitor
View allIn order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Rated cri
Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORIT
NNM failed to properly set ACLs on its installation directory, which could allow a low privileged user to run arbitrary
A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated l
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain.
Under certain conditions, Nessus Network Monitor was found to not properly enforce input validation. Rated high severity
The X.509 GeneralName type is a generic type for representing different types of names. Rated medium severity (CVSS 5.9)
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Rated med
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer
A stored cross site scripting vulnerability exists in Nessus Network Monitor where an authenticated, privileged local at
In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today