Local Privilege Escalation Vulnerabilities in Nessus Agent for Windows
CVE-2021-20100
6.7MEDIUM
What is CVE-2021-20100?
The Nessus Agent for Windows, versions 8.2.4 and earlier, are prone to multiple local privilege escalation vulnerabilities. These flaws could enable an authenticated local administrator to execute specific Windows executables with elevated permissions, potentially compromising system integrity. Users are advised to upgrade to patched versions to mitigate these risks.
Affected Version(s)
Nessus Agent Nessus Agent 8.2.4 and earlier
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved