In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.

Related CVEs

CVE-2025-36631

Key Information

GHSA ID

GHSA-858m-8rff-64hq

Published

June 13, 2025 3:30 PM

Last Modified

June 13, 2025 3:30 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.