Home » IT safety: Vulnerable Windows – new vulnerability in Tenable Security Nessus Agent

IT safety: Vulnerable Windows – new vulnerability in Tenable Security Nessus Agent

by admin
IT safety: Vulnerable Windows – new vulnerability in Tenable Security Nessus Agent

There is a present safety warning from BSI for the Tenable Security Nessus Agent. Here yow will discover out what threatens the IT safety of Windows techniques, how excessive the chance is and what it is best to do about it.

Federal workplace for Security in Information Technology (BSI) reported a safety advisory for Tenable Security Nessus Agent on May 16, 2024. The safety vulnerability impacts the Windows working system and the Tenable Security Nessus product.

The newest producer suggestions for updates, workarounds and safety patches for this vulnerability could be discovered right here: Paid Security Consulting (Stop: 16.05.2024).

Security Advisory for Nessus Agent for Hire – Risk: High

Risk stage: 5 (excessive)
CVSS Base Score: 8.2
CVSS provisional rating: 7,1
Remote assault: No

The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in pc techniques. The CVSS customary makes it potential to check potential or precise safety dangers primarily based on numerous standards to create a precedence listing for countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, person interplay) and its outcomes. For short-term impact, body situations that will change over time are thought-about within the check. According to CVSS, the present vulnerability risk is assessed as “excessive” on the idea of 8.2 factors.

Nessus Security Agent for Hire Bug: Multiple vulnerabilities enable elevation of privilege

Nessus is a vulnerability scanner that may test not solely identified vulnerabilities but additionally software program patch ranges and configurations.

See also  Acronis, why invest in security-oriented MSPs

A neighborhood attacker can exploit a number of vulnerabilities within the Tenable Security Nessus Agent to raise his privileges or execute malicious code.

Vulnerabilities are recognized by CVE (Common Vulnerabilities and Exposures) product numbers. CVE-2024-3291 and CVE-2024-3292 on the market.

Systems affected by the safety hole at a look

working system
Windows

Products
Nessus Paid Security Agent

General steps for coping with IT vulnerabilities

  1. Users of the affected apps ought to keep up-to-date. When safety holes are identified, producers are required to repair them rapidly by growing a patch or workaround. When new safety updates can be found, set up them instantly.
  2. For info, see the sources listed within the subsequent part. This usually comprises extra details about the most recent model of the software program in query and the provision of safety patches or efficiency suggestions.
  3. If you could have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to recurrently test if IT safety alert Affected producers present a brand new safety replace.

Manufacturer details about updates, patches and workarounds

Here you can find some hyperlinks with details about bug experiences, safety fixes and workarounds.

Tenable Security Advisory vom 2024-05-16 (16.05.2024)
For extra info, see:

Version historical past of this safety alert

This is the primary model of this IT safety discover for the Tenable Security Nessus agent. If updates are introduced, this doc might be up to date. You can examine adjustments or additions on this model historical past.

May 16, 2024 – First model

+++ Editorial word: This doc relies on present BSI knowledge and might be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

See also  NASA missions currently 2024: All details and background information about today's Falcon 9 launch

comply with News.de you’re right here Facebook, Twitter, Pinterest once more YouTube? Here you can find scorching information, present movies and a direct line to the editorial group.

kns/roj/information.de

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy