Vulnerability in Tenable’s Nessus Agent for Windows could allow attackers to execute malicious code with the highest level of system privileges. This vulnerability identified in Nessus Agent on Windows where an attacker is able to create a windows a junction, enabling the deletion of arbitrary files.

For enterprise security teams this raise serious questions as relying on the widely-deployed vulnerability assessment platform. As this flaw potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.

Vulnerability scanning tools operate by comparing system configurations, software versions, and network services against extensive databases of known vulnerabilities, like the KEV catalog. These databases are continuously updated by agencies, security researchers, and vendors, ensuring the tools can identify emerging threats.

Inside the vulnerability of Nessus

The impact of this vulnerability allows attackers to delete arbitrary files with SYSTEM privileges. From there, they can introduce malicious code and turn a limited foothold into full system compromise. 

Code running as SYSTEM can modify any file, install rootkits, disable security tools, and persist across reboots without restriction.

Nessus Agents are deployed across enterprise environments to perform continuous vulnerability scanning, often operating with elevated privileges on critical systems. 

While elevated access enables deep visibility, it also increases risk. Flaws in privileged services can become powerful entry points, allowing attackers to escalate privileges and gain full system control. 

Enterprises replying on trusted security tools perform certain actions

• Automated scanning
• Vulnerability detection
• Reporting and prioritization
• Policy compliance like HIPAA

Patching as Remediation

The vulnerability addressed in Nessus Agent version 11.1.3, by Tenable which is now available through the Tenable Downloads Portal. The company strongly urges all users to upgrade immediately, emphasizing that timely patch application is critical to reducing exposure.

Tenable reiterated its commitment to responsible disclosure, stating that it maintains active communication with security researchers and prioritizes rapid resolution of product vulnerabilities.

Security teams are also encouraged to report any newly discovered vulnerabilities directly to Tenable to facilitate coordinated patching.

The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus-agents).

• Adapting Zero trust takes a micro-level approach to authenticating and approving access requests at every point within a network. The concept of least privilege means that nobody gets unrestricted access to the entire system. Instead, each request needs to be continuously monitored and verified to gain access to different parts of the network.

Sourcs : https://www.tenable.com/security/tns-2026-12