5.12.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

tenable

NVD

Published: 2020-11-06

Updated: 2021-09-09

Summary

A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named user directory. The attacker needs valid credentials on the Windows system to exploit this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Tenable Tenable Nessus Network Monitor 5.11.0 Tenable Nessus Network Monitor 5.11.1 Tenable Nessus Network Monitor 5.12.0	3
OS	Microsoft Microsoft Windows -	1

References

https://www.tenable.com/security/tns-2020-09