- Description
- When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.
- Source
- vulnreport@tenable.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- vulnreport@tenable.com
- CWE-276
- Hype score
- Not currently trending
🚨 CVE-2025-24915 🔴 HIGH (7.8) 🏢 Tenable - Nessus Agent 🏗️ 0 🔗 https://t.co/4HvJEsVR6k #CyberCron #VulnAlert #InfoSec https://t.co/Q5q5Zx9eTC
@cybercronai
23 Mar 2025
157 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
CVE-2025-24915 When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories… https://t.co/c0EAYpwcEp
@CVEnew
21 Mar 2025
405 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes