Introduction
Tenable has released an update to its Nessus Agent software, version 10.8.5 [2] [3] [4] [5] [6] [7], to address critical vulnerabilities affecting Windows hosts [5]. These vulnerabilities, if exploited [1] [4], could lead to severe system compromise or local privilege escalation [5].
Description
Tenable has released version 10.8.5 of its Nessus Agent software to address three high-severity vulnerabilities affecting Windows hosts running versions 10.8.4 and earlier [5]. These vulnerabilities, tracked as CVE-2025-36631 [2] [4] [5], CVE-2025-36632 [2] [3] [4] [5] [6] [7], and CVE-2025-36633 [2] [3] [4] [5] [6] [7], could allow non-administrative users to gain SYSTEM-level access [5] [7], leading to severe system compromise or local privilege escalation [5]. Currently, there is no evidence of these vulnerabilities being exploited in the wild [4].
-
CVE-2025-36631: This vulnerability involves improper privilege management, enabling a non-administrative user to overwrite arbitrary local system files using log content at SYSTEM privilege [3] [5]. This could potentially corrupt critical system files and disrupt operations (CVSSv3.1 score: 8.4).
-
CVE-2025-36632: This issue allows a non-administrative user to execute arbitrary code at SYSTEM privilege, granting unrestricted control over the affected Windows host [5]. This could facilitate the installation of malicious software and manipulation of system processes (CVSSv3.0 score: 7.8).
-
CVE-2025-36633: This flaw also involves improper privilege management, permitting a non-administrative user to delete arbitrary local system files at SYSTEM privilege [3] [5]. This could lead to data loss, system instability [5], and the removal of critical security controls [5], potentially resulting in local privilege escalation (CVSSv3.1 score: 8.8) [3].
Tenable strongly recommends that users upgrade to version 10.8.5 immediately to protect their systems [5], as all prior versions remain vulnerable [6]. The company emphasizes the importance of timely patching [5], enforcing least privilege [7], and conducting regular audits of environments to safeguard against these vulnerabilities and mitigate the risk of file manipulation or the introduction of malicious code onto affected systems.
Conclusion
The release of Nessus Agent version 10.8.5 is a critical step in mitigating the risks associated with these vulnerabilities. Users are urged to upgrade promptly to prevent potential exploitation. Implementing best practices such as timely patching, enforcing least privilege [7], and regular system audits will enhance security and protect against future threats.
References
[1] https://securityvulnerability.io/vulnerability/CVE-2025-36631
[2] https://www.cyware.com/resources/threat-briefings/daily-threat-briefing/cyware-daily-threat-intelligence-june-16-2025
[3] https://www.infosecurity-magazine.com/news/tenable-fixes-flaws-nessus/
[4] https://www.hendryadrian.com/high-severity-vulnerabilities-patched-in-tenable-nessus-agent/
[5] https://cybersecuritynews.com/tenable-agent-for-windows-vulnerability/
[6] https://www.heise.de/en/news/Tenable-Agent-security-vulnerabilities-Attackers-can-overwrite-system-data-10447080.html
[7] https://dailysecurityreview.com/podcasts/three-cves-one-risk-arbitrary-code-execution-in-nessus-agent-for-windows/
