Tenable Agent for Windows Vulnerability Lets Attackers Log In as Admin to Delete System Files
Tenable, a prominent cybersecurity provider, has released version 10.8.5 of its Agent software to address three critical security vulnerabilities affecting Windows hosts running versions prior to 10.8.5.
These flaws, identified as CVE-2025-36631, CVE-2025-36632, and CVE-2025-36633, could allow non-administrative users to act with SYSTEM-level privileges, potentially leading to severe system compromise or local privilege escalation.
Vulnerability Details
CVE-2025-36631: Arbitrary File Overwrite with SYSTEM Privileges
This vulnerability allows a non-administrative user to overwrite any local system file with log content at SYSTEM privilege.
By manipulating log outputs, an attacker could corrupt critical system files, disrupt operations, or create conditions for further exploitation, such as planting malicious files or altering system configurations.
CVE-2025-36632: Arbitrary Code Execution with SYSTEM Privileges
The second flaw permits a non-administrative user to execute arbitrary code at SYSTEM privilege, effectively granting them unrestricted control over the affected Windows host.
This could enable attackers to install malicious software, manipulate system processes, or gain persistent access to the system, posing a significant risk to organizational security.
CVE-2025-36633: Arbitrary File Deletion with SYSTEM Privileges
This vulnerability allows a non-administrative user to delete arbitrary local system files at SYSTEM privilege.
Such actions could lead to data loss, system instability, or the removal of critical security controls, potentially enabling local privilege escalation and further compromising the system.
Tenable has resolved these issues in Agent version 10.8.5. The company strongly recommends that users upgrade immediately to protect their systems.
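To confirm whether a given Windows host still runs a release prior to 10.8.5, the installed version can be read from the standard uninstall registry keys. The script below is an added example, not Tenable's code; it assumes the agent's uninstall entry has a DisplayName containing "Tenable Agent" or "Nessus Agent" and records its version in DisplayVersion.

```powershell
# Added example: flag Tenable Agent installs older than the fixed release (10.8.5).
$FixedVersion = [version]'10.8.5'

# Assumption: the agent's uninstall entry is named "Tenable Agent" or "Nessus Agent".
$NamePattern = 'Tenable Agent|Nessus Agent'

# Standard per-machine uninstall keys (64-bit and 32-bit registry views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$found = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.PSObject.Properties['DisplayName'] -and $_.DisplayName -match $NamePattern }

if (-not $found) {
    Write-Output "No matching agent install found on $env:COMPUTERNAME"
    return
}

foreach ($entry in $found) {
    # DisplayVersion may be missing or carry a non-numeric suffix;
    # anything that does not parse is reported as UNKNOWN, not as patched.
    $raw    = [string]$entry.DisplayVersion
    $parsed = $null
    $ok     = [version]::TryParse(($raw -replace '[^0-9.].*$', ''), [ref]$parsed)

    $status = if (-not $ok) { 'UNKNOWN' } elseif ($parsed -lt $FixedVersion) { 'VULNERABLE' } else { 'PATCHED' }

    [pscustomobject]@{
        Computer = $env:COMPUTERNAME
        Product  = $entry.DisplayName
        Version  = $raw
        Status   = $status
    }
}
```

Hosts reported as UNKNOWN need a manual check of the agent version before they are counted as upgraded.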
Tenable emphasized its proactive approach to security, stating, “We prioritize rapid response to vulnerabilities and encourage timely patching to safeguard our customers.”
For vulnerability reporting, Tenable invites researchers to follow its Vulnerability Reporting Guidelines.