CVE-2025-24915

7.8 HIGH

📋 TL;DR

This vulnerability allows local privilege escalation on Windows systems where Nessus Agent was installed to a non-default location with insecure directory permissions. Attackers could exploit weak permissions on sub-directories to gain elevated privileges. It only affects users who installed Nessus Agent to custom locations without securing those directories.

💻 Affected Systems

Products:
  • Tenable Nessus Agent
Versions: All versions prior to 10.8.3
Operating Systems: Windows
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when installed to non-default location AND directories have insecure permissions. Default installations are not affected.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Local attacker gains SYSTEM/administrator privileges on the Windows host, enabling complete system compromise, credential theft, and lateral movement.

🟠 Likely Case

Local user with limited privileges escalates to administrator/SYSTEM level to install malware, modify system configurations, or access sensitive data.

🟢 If Mitigated

Minimal impact if directories are properly secured or agent is installed to default location with correct permissions.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring local access to the system.
🏢 Internal Only: MEDIUM - Internal attackers or compromised accounts could exploit this to escalate privileges within the network.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to write to insecure directories. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 10.8.3

Vendor Advisory: https://www.tenable.com/security/tns-2025-02

Restart Required: No

Instructions:

  1. Download Nessus Agent 10.8.3 or later from Tenable portal.
  2. Run the installer to upgrade existing installation.
  3. Verify installation completed successfully.

🔧 Temporary Workarounds

Secure directory permissions

windows

Manually set proper permissions on Nessus Agent installation directories to prevent unauthorized write access.

icacls "C:\Path\To\NessusAgent" /inheritance:r /grant:r "SYSTEM:(OI)(CI)F" "Administrators:(OI)(CI)F" "Users:(OI)(CI)RX"

🧯 If You Can't Patch

  • Audit all non-default Nessus Agent installations and verify directory permissions are properly secured.
  • Consider moving installations to default locations where proper permissions are automatically enforced.

🔍 How to Verify

Check if Vulnerable:

Check if Nessus Agent is installed to a non-default location and verify directory permissions using the 'icacls' command on Windows.
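
The permission check described above can be scripted. The following PowerShell is an added example, not code from Tenable or from this page: it walks a custom install directory and its sub-directories and reports Allow entries that give write-type rights to anyone other than SYSTEM, Administrators or TrustedInstaller. The path is the same placeholder used in the workaround, and the trusted-SID list and rights mask are assumptions of the example.

```powershell
# Added example: audit a non-default Nessus Agent install directory for
# ACL entries that let non-administrative principals write into it.
param(
    [string]$InstallDir = 'C:\Path\To\NessusAgent'   # placeholder: set to the real install path
)

# Well-known SIDs treated as trusted here (an assumption of this example)
$trusted = @(
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Rights that allow planting or replacing files: WriteData, AppendData,
# DeleteSubdirectoriesAndFiles, Delete, ChangePermissions, TakeOwnership,
# plus the GENERIC_ALL and GENERIC_WRITE bits used by inherit-only entries.
$writeMask = 0x2 -bor 0x4 -bor 0x40 -bor 0x10000 -bor 0x40000 -bor 0x80000 -bor
             0x10000000 -bor 0x40000000

function Get-WeakAce {
    param([string]$Path)
    $acl  = Get-Acl -LiteralPath $Path
    $type = [System.Security.Principal.SecurityIdentifier]
    # Compare SIDs, not names, so the check also works on localized Windows
    foreach ($ace in $acl.GetAccessRules($true, $true, $type)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($trusted -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }
        $name = try { $ace.IdentityReference.Translate(
                    [System.Security.Principal.NTAccount]).Value }
                catch { $ace.IdentityReference.Value }   # unresolvable SID
        [pscustomobject]@{
            Path      = $Path
            Principal = $name
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

# The root directory plus every sub-directory (hidden ones included)
$dirs = @(Get-Item -LiteralPath $InstallDir -Force) +
        @(Get-ChildItem -LiteralPath $InstallDir -Directory -Recurse -Force)
$findings = @($dirs | ForEach-Object { Get-WeakAce -Path $_.FullName })

if ($findings.Count -gt 0) {
    $findings | Format-Table -AutoSize -Wrap
    exit 1    # non-zero exit so fleet tooling can flag the host
}
Write-Output "No write access for non-administrative principals under $InstallDir"
```

CREATOR OWNER entries are reported as well and should be reviewed by hand, since they only take effect for whoever is able to create objects in the directory.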

Check Version:

"C:\Program Files\Tenable\Nessus Agent\nessuscli.exe" --version

Verify Fix Applied:

Verify that the Nessus Agent version is 10.8.3 or later using the agent interface or by checking installed programs in Control Panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file creation/modification in Nessus Agent directories
  • Privilege escalation attempts via Windows Event Logs (Event ID 4672, 4688)

Network Indicators:

  • None - this is a local attack

SIEM Query:

source="windows_security" AND (event_id=4672 OR event_id=4688) AND process_name="*nessus*"
