exploitDog

CVE-2025-24915

Опубликовано: 21 мар. 2025

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.

Ссылки

https://www.tenable.com/security/tns-2025-02

EPSS

Процентиль: 3%

0.00015

Низкий

7.8 High

CVSS3

Дефекты

CWE-276

Связанные уязвимости

GHSA-x7rr-8x5p-q75q

CVSS3: 7.8

github

11 месяцев назад

When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.

EPSS

Процентиль: 3%

0.00015

Низкий

7.8 High

CVSS3

Дефекты

CWE-276