Nessus Agent Vulnerability: Local Privilege Escalation
CVE-2024-3291
7.8HIGH
What is CVE-2024-3291?
A vulnerability exists in Nessus Agent related to the installation directory on Windows hosts. Versions before 10.6.4 do not enforce secure permissions for sub-directories when installed outside the default location. This oversight can lead to local privilege escalation, especially if users fail to implement security measures in non-default installation directories. Proper configuration and permission settings are crucial to mitigate risks associated with this vulnerability.
Affected Version(s)
Nessus Agent Windows 0