CVE-2025-36630
Tenable Nessus vulnerability analysis and mitigation

Overview

In Tenable Nessus versions prior to 10.8.5 on Windows hosts, a critical security vulnerability (CVE-2025-36630) was discovered that allows non-administrative users to overwrite arbitrary local system files with log content at SYSTEM privilege. The vulnerability was discovered in May 2025 and patched with the release of Nessus versions 10.8.5 and 10.9.0 on June 30, 2025 (Tenable Advisory).

Technical details

The vulnerability stems from improper privilege management (CWE-269) in Nessus's logging mechanism on Windows systems. It has received a CVSSv3.1 base score of 8.4 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H. The vulnerability requires local access and low privileges to exploit, but does not require user interaction (Tenable Advisory, NVD).

Impact

The vulnerability allows non-administrative users to overwrite any system file with log content at SYSTEM privilege level. This could lead to system instability, privilege escalation, or denial of service by tampering with critical system files. The impact is particularly concerning in multi-user environments or shared systems (GBHackers).

Mitigation and workarounds

Tenable has released Nessus versions 10.8.5 and 10.9.0 to address this vulnerability. Users are strongly urged to upgrade immediately to these versions. Additionally, it is recommended to implement strict access controls to limit local user privileges and monitor for unauthorized file modifications (Tenable Advisory).

This report was generated using AI
