CVE-2024-3291: 
Tenable Nessus Agent vulnerability analysis and mitigation

CVE-2024-3291 affects Nessus Agent versions prior to 10.6.4. The vulnerability was discovered when installing Nessus Agent to a directory outside of the default location on a Windows host, where the application failed to enforce secure permissions for sub-directories. The vulnerability was reported on February 26, 2024, confirmed as valid on March 5, 2024, and was patched with the release of Nessus Agent 10.6.4 on May 16, 2024 (Tenable Advisory).

The vulnerability is classified as an improper preservation of permissions issue (CWE-281). It has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements with low attack complexity and privilege requirements, no user interaction needed, and high impacts on confidentiality, integrity, and availability (Tenable Advisory).

The vulnerability could allow for local privilege escalation if users had not secured the directories in the non-default installation location. This could potentially lead to unauthorized access and system compromise with elevated privileges (Tenable Advisory).

Tenable has released Nessus Agent 10.6.4 to address this vulnerability. Users are advised to upgrade to this version to mitigate the risk. The installation files can be obtained from the Tenable Downloads Portal (Tenable Advisory).