Skip to main content

Nessus Agent CVE-2025-36633

| EUVDEUVD-2025-18279 HIGH
Improper Privilege Management (CWE-269)
2025-06-13 vulnreport@tenable.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Analysis Updated
Apr 16, 2026 - 06:39 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
10.8.5
EUVD ID Assigned
Mar 14, 2026 - 21:34 euvd
EUVD-2025-18279
Analysis Generated
Mar 14, 2026 - 21:34 vuln.today
CVE Published
Jun 13, 2025 - 15:15 nvd
HIGH 8.8

DescriptionCVE.org

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation.

AnalysisAI

Local privilege escalation vulnerability in Tenable Agent for Windows (versions prior to 10.8.5) that allows non-administrative users to arbitrarily delete system files with SYSTEM privileges. This vulnerability has a CVSS score of 8.8 (High) and could enable local attackers to compromise system integrity and gain elevated privileges. The attack requires local access but no user interaction, making it a significant risk for multi-user Windows systems running vulnerable Tenable Agent versions.

Technical ContextAI

The vulnerability stems from improper privilege management and insufficient access controls within Tenable Agent (CPE: cpe:2.3:a:tenable:tenable_agent:*:*:*:*:*:windows:*:*). The root cause is classified under CWE-269 (Improper Access Control - Assuming Trust Without Validation), which indicates the application fails to properly validate user privileges before performing file operations with elevated system context. Tenable Agent runs as a system service on Windows hosts and interacts with the file system; the flaw allows a non-administrative user to leverage this elevated process context to delete arbitrary system files, bypassing normal Windows access control mechanisms and potentially disabling security controls or corrupting system functionality.

RemediationAI

Upgrade Tenable Agent to version 10.8.5 or later on all affected Windows hosts; priority: Critical; vendor_advisory: Tenable advisory for CVE-2025-36633 (consult Tenable Security Center or vendor website for official patch links) Workaround: Restrict local system access to trusted users only; implement principle of least privilege for user accounts on systems running Tenable Agent; effectiveness: Partial - reduces attack surface by limiting local access but does not fix underlying vulnerability Mitigation: Monitor and restrict file deletion operations performed by Tenable Agent process; implement application whitelisting to prevent execution of unauthorized file deletion utilities; maintain Windows file system auditing for privileged file deletion events; effectiveness: Partial - detective controls do not prevent exploitation but improve incident response capability Detection: Monitor Windows event logs for file deletion events with SYSTEM privilege context from non-administrative sessions; alert on unexpected modifications to critical system directories; effectiveness: Partial - post-exploitation detection

CVE-2025-36631 HIGH
8.4 Jun 13

Privilege escalation vulnerability in Tenable Agent for Windows (versions prior to 10.8.5) that allows non-administrativ

CVE-2025-36632 HIGH
7.8 Jun 16

Privilege escalation vulnerability in Tenable Agent for Windows (versions prior to 10.8.5) that allows a non-administrat

CVE-2020-5793 HIGH
7.8 Nov 05

A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could all

CVE-2021-3450 HIGH
7.4 Mar 25

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain.

CVE-2023-5847 HIGH
7.3 Nov 01

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade t

CVE-2021-20118 MEDIUM
6.7 Sep 09

Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an auth

CVE-2021-20117 MEDIUM
6.7 Sep 09

Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an auth

CVE-2021-20077 MEDIUM
6.7 Mar 19

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role security token on the local h

CVE-2019-16168 MEDIUM
6.5 Sep 09

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missin

CVE-2026-2026 MEDIUM
6.1 Feb 13

Nessus Agent on Windows systems contains improper file permission controls that allow local authenticated users to trigg

Share

CVE-2025-36633 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy