CybrWolf

CVE-2025-36630 is a newly identified high-severity vulnerability affecting Tenable Nessus on Windows hosts (versions prior to 10.8.5). The flaw lets a non-administrative user overwrite arbitrary system files with the contents of Nessus application logs, which the service writes as SYSTEM, potentially enabling full privilege escalation.

Vulnerability Details

  • CVE ID: CVE-2025-36630
  • Affected Software: Tenable Nessus (Windows host)
  • Affected Versions: Before 10.8.5
  • CWE Identifier: CWE-269 – Improper Privilege Management
  • CVSS v3.1 Score (Estimated): ~8.4 (High) (Based on Tenable’s advisory and typical local privilege escalation patterns; final score pending from official NVD analysis.)
  • Attack Vector: Local
  • Privileges Required: Low (non-admin user)
  • User Interaction: None
  • Scope: Changed
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: High

Exploitation Path

On affected systems, Nessus lets non-admin users influence how and where its log data is written. Because the logging component runs as SYSTEM, a user with only basic local access can feed crafted entries into the application's logs and have them written over system-level files, which in turn can yield SYSTEM privileges. While no public exploit has surfaced, this path presents a clear and dangerous attack vector.

Mitigation Steps

To protect against this vulnerability:

  1. Update Nessus Immediately: Ensure you’re running version 10.8.5 or later.
  2. Review Local User Permissions: Confirm that only trusted accounts have access to the Nessus application directory.
  3. Monitor Log Integrity: Set up alerts for modifications to key system files.
  4. Limit Local Write Access: Be especially cautious on servers where Nessus runs; non-admin users should have only restricted write permissions there.
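The following PowerShell check is an added example, not code from this post or from Tenable; it covers steps 1 and 2 above on the Nessus host itself. It assumes the default install directory C:\Program Files\Tenable\Nessus and that nessusd.exe carries the product version in its file metadata; both are assumptions, so adjust $NessusDir if your install differs.

```powershell
# Added example (not from the CybrWolf post or Tenable): local check for the
# Nessus version and for write-type ACEs granted to broad non-admin principals.
# Assumptions: default install path and version stamp on nessusd.exe.
$NessusDir    = 'C:\Program Files\Tenable\Nessus'
$FixedVersion = [version]'10.8.5'   # first fixed release per the advisory

function Get-NessusVersion {
    $exe = Join-Path $NessusDir 'nessusd.exe'
    if (-not (Test-Path $exe)) { return $null }
    $raw = (Get-Item $exe).VersionInfo.ProductVersion
    # keep only the leading dotted-numeric part; suffixes break [version]
    if ($raw -match '^\d+(\.\d+)+') { return [version]$Matches[0] }
    return $null
}

function Get-BroadWriteAces {
    # rights a low-privileged user must not hold on the Nessus directory
    $mask  = [System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'
    $broad = 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'Everyone', 'NT AUTHORITY\INTERACTIVE'
    # note: generic rights (GENERIC_WRITE etc.) are not expanded by this mask test
    (Get-Acl -Path $NessusDir).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $broad -contains $_.IdentityReference.Value -and
        (([int]$_.FileSystemRights) -band ([int]$mask)) -ne 0
    }
}

$ver = Get-NessusVersion
if ($null -eq $ver) {
    Write-Warning "nessusd.exe not found under $NessusDir; set `$NessusDir to the install path."
} elseif ($ver -lt $FixedVersion) {
    Write-Warning "Nessus $ver is older than $FixedVersion: affected by CVE-2025-36630, update it."
} else {
    Write-Host "Nessus $ver is at or above $FixedVersion."
}

$aces = Get-BroadWriteAces
if ($aces) {
    Write-Warning "Write-type access on $NessusDir is granted to broad principals:"
    $aces | Select-Object IdentityReference, FileSystemRights, IsInherited | Format-Table -AutoSize
} else {
    Write-Host "No write-type ACEs for broad non-admin principals on $NessusDir."
}
```

Run it in an elevated PowerShell session; any ACE it reports is a candidate for tightening per step 4.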

References & Attribution

NVD Entry for CVE-2025-36630 – National Vulnerability Database summary
https://nvd.nist.gov/vuln/detail/CVE-2025-36630

MITRE CVE Program – Source of CVE metadata and classification
© 1999–2025 The MITRE Corporation. Licensed under the MITRE CVE Terms of Use.
https://www.cve.org/Legal/TermsOfUse

Tenable CVE Listing (advisory TNS-2025-13)
https://www.tenable.com/security/tns-2025-13