CVE-2021-20117

Vulnerability

Nessus Agent versions 8.3.0 and earlier are affected by a local privilege escalation vulnerability. The flaw allows an authenticated, local administrator to run specific executables on the Nessus Agent host. The exact code path and configuration conditions are not disclosed in the available references [1], but the issue is distinct from CVE-2021-20118.

Exploitation

An attacker must have authenticated access to the Nessus Agent host with local administrator privileges. No network position beyond local access is required. The attacker can then run specific executables under a security context that results in privilege escalation. The exact sequence of steps is not detailed in the public advisory [1].

Impact

Successful exploitation allows the attacker to execute arbitrary executables with elevated privileges, leading to full compromise of the Nessus Agent host. The impact is local privilege escalation from an administrator account to a higher privilege level, potentially SYSTEM or root, depending on the host operating system.

Mitigation

Tenable released Nessus Agent 8.3.1 to address this vulnerability. Users should upgrade to version 8.3.1 or later, available from the Tenable Downloads Portal [1]. No workarounds are listed in the available references for versions that cannot be upgraded.