CVE-2025-24914

7.8

Critical

CVE-2025-24914

18 Apr 2025

vulnreport@tenable.com

Awaiting Analysis

Description

When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. - CVE-2025-24914

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

vulnreport@tenable.com

https://www.tenable.com/security/tns-2025-05