CVE-2021-20135

Summary

Nessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus).

Affected Software

VendorProductVersion RangeStatus
n/aNessusNessus 8.15.2 and earlieraffected

Weaknesses

  • local privilege escalation

ADP Enrichment

CVE Program Container

Additional References

References