Tenable Nessus Network Monitor, formerly known as PVS, Passive Vulnerability Scanner, is a network security scanner platform used by cybersecurity professionals. It utilizes a deep set of traffic and packet analysis to identify vulnerabilities, threats, and compliance violations. Nessus Network Monitor provides visibility into transient systems, services, applications, virtual hosts, cloud instances, and all corresponding traffic and activity.

Tenable Nessus Network Monitor

In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a local directory to run arbitrary code with SYSTEM privileges, potentially leading to local privilege escalation.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-24917	HIGH	7.8	Tenable Nessus Network Monitor	cpe:2.3:a:tenable:nessus_network_monitor	No	Yes	May 23, 2025
CVE-2025-24916	HIGH	7.8	Tenable Nessus Network Monitor	cpe:2.3:a:tenable:nessus_network_monitor	No	Yes	May 23, 2025
CVE-2023-5623	HIGH	7.8	Tenable Nessus Network Monitor	cpe:2.3:a:tenable:nessus_network_monitor	No	Yes	Oct 26, 2023
CVE-2023-5624	HIGH	7.2	Tenable Nessus Network Monitor	cpe:2.3:a:tenable:nessus_network_monitor	No	Yes	Oct 26, 2023
CVE-2024-9158	MEDIUM	4.6	Tenable Nessus Network Monitor	cpe:2.3:a:tenable:nessus_network_monitor	No	Yes	Sep 30, 2024

CVE-2025-24917:
Tenable Nessus Network Monitor vulnerability analysis and mitigation

7.8

Related Tenable Nessus Network Monitor vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-24917: Tenable Nessus Network Monitor vulnerability analysis and mitigation