Nessus Vulnerabilities on Windows Enables Arbitrary System File Overwrites
A critical security vulnerability has been discovered and patched in Tenable’s Nessus vulnerability scanner for Windows, potentially allowing non-administrative users to overwrite any system file with SYSTEM-level privileges.
This flaw, tracked as CVE-2025-36630, impacts all Nessus versions prior to 10.8.5 on Windows platforms and has been rated as high severity due to its potential for significant system disruption and privilege escalation.
Vulnerability Overview
CVE-2025-36630 arises from improper privilege management in Nessus, where a non-administrative user could exploit the Nessus logging mechanism to overwrite arbitrary local system files with log content at SYSTEM privilege.
This could allow attackers to tamper with critical system files, potentially leading to system instability, privilege escalation, or denial of service.
Security researchers highlighted that the flaw does not require user interaction and can be exploited by any local user with low privileges, making it especially dangerous in multi-user environments or on shared systems.
There is currently no evidence of public proof-of-concept code or active exploitation, but the risk to affected systems is considered substantial.
Affected Versions and Fix
The vulnerability affects:
- Nessus for Windows versions prior to 10.8.5
Tenable has responded by releasing Nessus 10.8.5 and Nessus 10.9.0, which address CVE-2025-36630 as well as other third-party component vulnerabilities in libxml2 and libxslt.
Users are strongly urged to upgrade immediately to mitigate the risk.
| CVE ID | Description | Severity | Affected Versions | Fixed In |
| CVE-2025-36630 | Non-admin user can overwrite arbitrary local system files with log content at SYSTEM privilege | High | Nessus < 10.8.5 (Windows) | 10.8.5, 10.9.0 |
| CVE-2025-6021 | Vulnerability in libxml2 component | High | Nessus < 10.8.5 | 10.8.5, 10.9.0 |
| CVE-2025-24855 | Privilege escalation via improper access control | High | Nessus < 10.8.5 | 10.8.5, 10.9.0 |
Additional Vulnerabilities Addressed
The recent Nessus update also patches two other high-severity CVEs:
- CVE-2025-6021: A vulnerability in libxml2 component.
- CVE-2025-24855: Another privilege escalation issue.
Recommendations
- Upgrade Nessus immediately to version 10.8.5 or later on all Windows hosts.
- Implement strict access controls to limit local user privileges.
- Monitor for unauthorized file modifications and conduct thorough security reviews of affected systems.
Tenable has emphasized the importance of timely patching and encourages all users to review their installations to ensure they are not exposed to these high-impact vulnerabilities.
The impact of CVE-2025-36630 allows non-administrative users to overwrite arbitrary local system files, compromising system integrity.
Find this News Interesting! Follow us on Google News, LinkedIn, and X to Get Instant Updates
Source link
