Executive Risk Summary
"A vulnerability in Nessus Agent versions prior to 10.8.3 allows for local privilege escalation when installed to a non-default location on a Windows host. This is due to the lack of secure permissions enforcement for sub-directories, which could be exploited if users have not secured the directories in the non-default installation location."
Operational Audit Arsenal
Target Type: Software
Target Asset: Nessus Agent
Standard Path: Non-default installation location on Windows host
PowerShell
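# 🛠️ Senior Engineer Universal Audit
# Target: Nessus Agent (Software)
$Target = "Nessus Agent"
# Default program locations only; add the non-default install root here to cover the affected case.
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")
# Locate directories named after the target, then report the product version of the executables inside them.
Get-ChildItem -Path $SearchPaths -Filter $Target -Directory -Recurse -ErrorAction SilentlyContinue |
    Get-ChildItem -Filter *.exe -File -ErrorAction SilentlyContinue |
    Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}
Patch Impact Forecast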
Reboot Required: Unknown
Service Disruption: Low to Moderate
Internal Work Notes
Upgrade Nessus Agent to version 10.8.3 or later to mitigate the vulnerability. Ensure secure permissions are enforced for sub-directories in non-default installation locations.
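The second half of that note, checking sub-directory permissions under a non-default install root, can be audited directly. The following is an added example, not code from this page or from Tenable: it lists every allow ACE that grants write-type rights to a principal outside a small trusted set. The `D:\Tools\NessusAgent` path is a constructed placeholder and the trusted-SID list is an assumption to adjust to local policy.

```powershell
# Added example: audit directory ACLs under a non-default Nessus Agent install root.
# The default path below is a constructed placeholder; pass the real install root.
param([string]$InstallRoot = 'D:\Tools\NessusAgent')

# Rights that let a principal create, replace or delete content, or rewrite the ACL.
$Risky = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# ACEs may also carry raw generic bits: GENERIC_ALL (0x10000000) and GENERIC_WRITE (0x40000000).
$Mask = [int]$Risky -bor 0x10000000 -bor 0x40000000

# Principals expected to hold write access (assumption; adjust to local policy).
$Trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-3-0',       # CREATOR OWNER
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # NT SERVICE\TrustedInstaller
)

# The install root itself plus every sub-directory beneath it.
$dirs = @(Get-Item -LiteralPath $InstallRoot) +
        @(Get-ChildItem -LiteralPath $InstallRoot -Directory -Recurse -Force -ErrorAction SilentlyContinue)

$findings = foreach ($dir in $dirs) {
    $acl = Get-Acl -LiteralPath $dir.FullName
    # Explicit and inherited rules, with identities returned as SIDs for locale-independent matching.
    foreach ($ace in $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($Trusted -contains $ace.IdentityReference.Value) { continue }
        if (([int]$ace.FileSystemRights -band $Mask) -eq 0) { continue }
        [pscustomobject]@{
            Path      = $dir.FullName
            Sid       = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

# No output means no untrusted principal holds write-type rights on any directory checked.
$findings | Sort-Object Path, Sid | Format-Table -AutoSize -Wrap
```

Rows for well-known groups such as `S-1-5-32-545` (BUILTIN\Users) or `S-1-5-11` (Authenticated Users) are the ones that match the condition the advisory describes.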
Intelligence Sources
Original NVD Description
"When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location."
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.