Local File Overwrite Vulnerability in Tenable Nessus on Windows Systems
CVE-2025-36630

8.4 HIGH

Key Information:

Vendor: Tenable
Status: Vendor
CVE Published: 2 July 2025

What is CVE-2025-36630?

CVE-2025-36630 is a local file overwrite vulnerability in Tenable Nessus, a widely used vulnerability assessment tool that helps organizations manage their exposure to security risks. The flaw affects Nessus versions prior to 10.8.5 running on Windows. It allows a non-administrative user to overwrite arbitrary local system files with log content written by a process running with system privileges. Such a capability poses serious risks, as it may enable attackers to manipulate critical system files, potentially leading to further exploitation, system outages, or unauthorized data access. For organizations relying on Nessus for vulnerability management, this flaw could compromise the integrity of their security assessments and overall system reliability.

Potential impact of CVE-2025-36630

  1. Unauthorized File Modification: Attackers can leverage this vulnerability to overwrite sensitive system files, which can disrupt normal operations and introduce instability within affected systems.

  2. Privilege Escalation Risks: Since the operation executes with system privileges, it increases the potential for attackers to gain elevated access to sensitive files and system controls, facilitating more severe attacks.

  3. Data Integrity Compromise: The ability to alter log content may enable malicious users to hide their activities or cover up security incidents, undermining an organization's ability to conduct thorough forensic investigations and maintain accurate security records.
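The following PowerShell script is an added example for defenders and is not part of this CVE record or of Tenable's own tooling. It reads the installed Nessus version from the standard Windows uninstall registry keys and compares it with the fixed version 10.8.5 named above, then checks whether the Nessus log directory grants write access to broad low-privilege principals. The registry lookup, the log directory path and the choice of principals are assumptions about a default Nessus install, not details taken from the advisory; adjust them to your environment.

```powershell
# Added example, not from the CVE record: host check for CVE-2025-36630 exposure.
# The fixed version (10.8.5) is taken from the advisory; everything else is an assumption.

$FixedVersion = [version]'10.8.5'

# Assumed default Nessus log directory on Windows (verify against your installation).
$LogDir = 'C:\ProgramData\Tenable\Nessus\nessus\logs'

function Get-NessusInstallVersion {
    # Assumption: Nessus registers itself under the standard uninstall keys
    # (64-bit and 32-bit views) with a parseable DisplayVersion.
    $paths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Nessus*' -and $_.DisplayVersion } |
        ForEach-Object { [version]$_.DisplayVersion } |
        Select-Object -First 1
}

function Test-NessusVulnerable {
    # Affected versions are those strictly below the fixed release.
    param([version]$Installed, [version]$Fixed = $FixedVersion)
    return ($Installed -lt $Fixed)
}

function Get-WeakLogDirAces {
    # Report Allow ACEs that give write, modify or full control to broad principals.
    # This is a general hardening check for a SYSTEM-written log location, not a
    # statement about the root cause of the CVE.
    param([string]$Path)
    if (-not (Test-Path -Path $Path)) { return @() }
    $broad = @('BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'Everyone')
    $writeMask = [int]([System.Security.AccessControl.FileSystemRights]::Write) -bor
                 [int]([System.Security.AccessControl.FileSystemRights]::Modify) -bor
                 [int]([System.Security.AccessControl.FileSystemRights]::FullControl)
    (Get-Acl -Path $Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $broad -contains $_.IdentityReference.Value -and
        (([int]$_.FileSystemRights -band $writeMask) -ne 0)
    }
}

$installed = Get-NessusInstallVersion
if (-not $installed) {
    Write-Output 'Nessus was not found in the uninstall registry keys.'
} elseif (Test-NessusVulnerable -Installed $installed) {
    Write-Output "Nessus $installed is below ${FixedVersion}: affected by CVE-2025-36630, upgrade required."
} else {
    Write-Output "Nessus $installed is at or above ${FixedVersion}: not affected by CVE-2025-36630."
}

# Independently of the version, flag a log directory writable by ordinary users.
$weak = Get-WeakLogDirAces -Path $LogDir
if ($weak) {
    Write-Output "Log directory $LogDir grants write access to broad principals:"
    $weak | ForEach-Object { Write-Output ('  {0}: {1}' -f $_.IdentityReference, $_.FileSystemRights) }
}
```

Run the script in an elevated PowerShell session so that `Get-Acl` can read the directory's security descriptor; on a fleet, the two functions can be called from an endpoint management job and their results collected centrally to prioritize the upgrade to 10.8.5.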

Affected Version(s)

Nessus (Windows): versions prior to 10.8.5

CVSS v3.1

Score: 8.4
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published
