CVE-2024-3291 Privilege Escalation

2024-05-1716:59:56

CWE-281

tenable

github.com

cve-2024-3291

nessus agent

windows

privilege escalation

secure permissions

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

When installing Nessus Agent to a directory outside of the default location on a Windows host, Nessus Agent versions prior to 10.6.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows"
    ],
    "product": "Nessus Agent",
    "vendor": "Tenable",
    "versions": [
      {
        "lessThan": "10.6.4",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]