heise PlusAbo
Anzeige

Tenable Agent security vulnerabilities: Attackers can overwrite system data

The developers have closed several security gaps in the current version of Tenable Agent.

listen Print view

(Image: Alfa Photo/Shutterstock.com)

1 min. read
Security
By

The Tenable Agent vulnerability scanner is currently vulnerable itself. Attackers can use three vulnerabilities to attack systems. So far there are no reports of ongoing attacks. A repaired version is available for download.

Install security update

In a warning message, the developers state that they have closed a total of three vulnerabilities (CVE-2025-36631"high", CVE-2025-36632 "high", CVE-2025-36633 "high"). According to the descriptions of the vulnerabilities, non-administrative users can carry out attacks. If this works, attackers can manipulate or even delete files with system rights, among other things. Malicious code can also get onto PCs.

Videos by heise

It is not yet clear how such attacks could be carried out in detail. It is also currently unknown how admins can recognize computers that have already been attacked. The developers claim to have closed the vulnerabilities in Tenable Agent 10.8.5. All previous versions are said to be vulnerable.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten