Tenable: >> Nessus Network Monitor >> 6.5.0 Security Vulnerabilities
In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM privileges, potentially leading to local privilege escalation.
CVSS Score
7.8
EPSS Score
0.002
Published
2025-05-23
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.
CVSS Score
7.0
EPSS Score
0.001
Published
2025-05-23