CVE-2025-36631

Опубликовано: 13 июн. 2025

Источник: nvd

CVSS3: 8.4

CVSS3: 7.8

EPSS Низкий

Описание

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.

Ссылки

https://www.tenable.com/security/tns-2025-11
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:tenable:nessus_agent:*:*:*:*:*:*:*:*

Версия до 10.8.5 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 4%

0.00019

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-269

NVD-CWE-noinfo

Связанные уязвимости

GHSA-858m-8rff-64hq

CVSS3: 8.4

github

8 месяцев назад

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.

EPSS

Процентиль: 4%

0.00019

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-269

NVD-CWE-noinfo