Primary

Context

Tenable Agent Windows Privilege Escalation Vulnerability

Vulnerability

Patched

A vulnerability in Tenable Agent for Windows, prior to version 10.8.5, allows non-administrative users to delete arbitrary local system files with SYSTEM privileges. This could potentially lead to local privilege escalation.

Impact

Exploitation of this vulnerability could result in unauthorized deletion of system files, with the potential for local privilege escalation.

Remediation

Users can upgrade to Tenable Agent version 10.8.5 to address this vulnerability. The installation files are available on the Tenable Downloads Portal.

Added: Jun 13, 2025, 3:19 PM

Updated: Jun 13, 2025, 3:19 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tenable Agent Windows Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Tenable Agent

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating