CVE-2024-3292
published 2024-05-17CVE-2024-3292: A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus Agent host could modify installation parameters at…
PriorityP338high8.2CVSS 3.1
AVLACLPRLUIRSCCHIHAH
EPSS
0.17%
6.6th percentile
A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus Agent host could modify installation parameters at installation time, which could lead to the execution of arbitrary code on the Nessus host. - CVE-2024-3292
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenable | nessus_agent | < 10.6.4 | 10.6.4 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Tenable
[R1] Nessus Agent Version 10.6.4 Fixes Multiple Vulnerabilities
blogs_tenable·2024-05-16
[R1] Nessus Agent Version 10.6.4 Fixes Multiple Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Wiz
CVE-2026-2026 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.2
CVE-2026-2026 [HIGH] CVE-2026-2026 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-2026 :
Tenable Nessus Agent vulnerability analysis and mitigation
A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service (DoS) attacks.
Source : NVD
## 5.4
Score
Published February 13, 2026
Severity MEDIUM
CNA Score 5.4
Affected Technologies
Tenable Nessus Agent
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 1.3
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cpe:2.3:a:tenable:nessus_agent
Sources
Linux Severity MEDIUM Has Fix Added at: Feb 25, 2026
Windows Severity MEDIUM Has Fix Added at: Feb 25, 2026
Linux Severity
2024-05-17
Published