CVE-2025-36632

Summary

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute code with SYSTEM privilege.

Affected Software

VendorProductVersion RangeStatus
TenableAgent0 < 10.8.5affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References