Vulners
Lucene search
Nessus Network Monitor < 6.5.1 Multiple Vulnerabilities (TNS-2025-10)
10
10
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(237289);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2025/05/30");
script_cve_id(
"CVE-2023-7256",
"CVE-2024-11053",
"CVE-2024-13176",
"CVE-2024-50602",
"CVE-2024-8006",
"CVE-2024-8176",
"CVE-2024-9143",
"CVE-2024-9681",
"CVE-2025-0167",
"CVE-2025-0725",
"CVE-2025-24916",
"CVE-2025-24917",
"CVE-2025-32414",
"CVE-2025-32415"
);
script_xref(name:"IAVA", value:"2025-A-0385");
script_name(english:"Nessus Network Monitor < 6.5.1 Multiple Vulnerabilities (TNS-2025-10)");
script_set_attribute(attribute:"synopsis", value:
"An instance of Tenable NNM installed on the remote system is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.5.1. It is,
therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-10 advisory.
- In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a
heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML
schema with certain identity constraints, or a crafted XML schema must be used. (CVE-2025-32415)
- When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network
Monitor versions prior to 6.5.1 did not enforce secure permissions for sub-directories. This could allow
for local privilege escalation if users had not secured the directories in the non-default installation
location. (CVE-2025-24916)
- In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a
non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM
privileges, potentially leading to local privilege escalation. (CVE-2025-24917)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://www.tenable.com/security/TNS-2025-10");
script_set_attribute(attribute:"solution", value:
"Upgrade to Nessus Network Monitor 6.5.1 or later.");
script_set_attribute(attribute:"agent", value:"all");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-24917");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vendor_severity", value:"High");
script_set_attribute(attribute:"vuln_publication_date", value:"2025/05/22");
script_set_attribute(attribute:"patch_publication_date", value:"2025/05/22");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/05/27");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:tenable:nnm");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("nnm_installed_win.nbin", "nnm_installed_nix.nbin");
script_require_keys("installed_sw/Tenable NNM", "Host/nnm_installed");
exit(0);
}
include('vcf.inc');
var app_name = 'Tenable NNM';
var app_info = vcf::get_app_info(app:app_name);
vcf::check_granularity(app_info:app_info, sig_segments:3);
var constraints = [ { 'fixed_version' : '6.5.1' } ];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
30 May 2025 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 3.17.8
EPSS0.01399
SSVC