Primary

Context

Tenable Agent Arbitrary File Overwrite Vulnerability on Windows

Vulnerability

Patched

A vulnerability exists in Tenable Agent for Windows, affecting versions prior to 10.8.5. It allows non-administrative users to overwrite arbitrary local system files with log content, executing this action with SYSTEM privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized modification of system files, potentially allowing for further privilege escalation.

Remediation

Users are advised to upgrade to Tenable Agent version 10.8.5, available from the Tenable Downloads Portal.

Added: Jun 13, 2025, 3:21 PM

Updated: Jun 13, 2025, 3:21 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

5.0

exploitability

3.3

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

5.0

exploitability

3.3

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenable Agent Arbitrary File Overwrite Vulnerability on Windows

Vulnerability

Impact

Remediation

Affected Products

Tenable Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating