Tenable has released critical security updates for its Nessus vulnerability scanner following the discovery of multiple security vulnerabilities, including a severe Windows-specific vulnerability that could allow non-administrative users to overwrite system files with elevated privileges.
The company has issued Nessus versions 10.8.5 and 10.9.0 to address these security concerns, which stem from both third-party component vulnerabilities and a newly identified local privilege escalation issue.
The most significant security vulnerability, designated CVE-2025-36630, affects Nessus installations running on Windows systems prior to version 10.8.5.
This vulnerability represents a serious local privilege escalation threat, allowing non-administrative users to overwrite arbitrary local system files using log content with SYSTEM-level privileges.
The vulnerability essentially enables attackers with limited user access to potentially compromise the entire Windows system by manipulating log outputs to overwrite critical system files.
This type of vulnerability is particularly concerning in enterprise environments where Nessus is commonly deployed for security scanning operations.
Organizations running affected versions on Windows hosts face the risk of internal privilege escalation attacks, where malicious users could leverage the vulnerability to gain unauthorized administrative access to systems.
The vulnerability’s impact is amplified by the fact that it operates at SYSTEM privilege level, representing the highest level of access within Windows operating systems.
The discovery and reporting of this vulnerability underscore the importance of comprehensive security testing even for security tools themselves.
Tenable’s proactive response in identifying and addressing this issue demonstrates the company’s commitment to maintaining the security integrity of its products, particularly given the sensitive nature of vulnerability scanning operations that Nessus performs.
Nessus Windows Vulnerabilities
Beyond the Windows-specific vulnerability, Tenable has addressed multiple security issues stemming from third-party software components integrated into Nessus.
The update includes significant upgrades to libxml2, which has been updated to version 2.13.8, and libxslt, updated to version 1.1.43.
These libraries are fundamental components that provide essential XML processing functionality within the Nessus platform.
The vulnerabilities in these third-party components highlight the complex security challenges faced by software vendors who integrate external libraries into their products.
While these components provide valuable functionality, they also introduce potential security risks that require continuous monitoring and timely updates.
Tenable’s decision to upgrade these components reflects industry best practices for managing third-party security risks.
Notably, the fix for CVE-2025-6021 has been specifically backported into the libxml2 version 2.13.8 implementation within Nessus 10.8.5, ensuring that users receive comprehensive protection against known vulnerabilities in this critical component.
This approach demonstrates Tenable’s thorough approach to security patching, ensuring that all relevant fixes are incorporated into their product releases.
Immediate Patch Deployment
Security experts strongly recommend that organizations running Nessus on Windows systems prioritize the immediate deployment of these updates.
The combination of local privilege escalation risks and third-party component vulnerabilities creates a compelling case for urgent patch management.
Tenable has made the updated installation files readily available through their official Downloads Portal, streamlining the update process for administrators.
Organizations should implement these updates as part of their standard security maintenance procedures, with particular attention to Windows-based Nessus deployments.
The availability of both versions 10.8.5 and 10.9.0 provides flexibility for different deployment scenarios and organizational update schedules.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant Updates.
.webp?w=356&resize=356,220&ssl=1 "Microsoft Teams Blocking Users from Accessing Embedded Office Documents")
