Tenable OT SSH Misconfiguration Leading to Potential Information Exfiltration
Vulnerability
A misconfiguration in the SSH settings of Tenable OT versions through 4.2.40 has been identified, allowing the potential exfiltration of socket, port, and service information. This vulnerability arises from the use of the ostunnel user and GatewayPorts, which could be exploited to gather details about the underlying system, potentially leading to a compromise of the host.
Impact
Exploitation of this vulnerability could allow an attacker to gather sensitive information about the system's network services and ports, which could be used to plan a further attack or compromise the host.
Remediation
Tenable has released a patch named 'tenable-ot-platform-137' to address this vulnerability. This patch is available for currently deployed products. For new installations, the Tenable OT Security and Tenable OT Security Enterprise Manager ISOs released on March 18, 2026, include the fix. These installation files can be downloaded from the Tenable Downloads Portal.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.