Nessus has multiple plugins that can be used depending on how the tool is deployed. The tool operates by checking each port on a computer, identifying what service is running on it, and testing this service to ensure that it does not contain any vulnerabilities a hacker could exploit.
Nessus, developed by Tenable, is a vulnerability scanning tool widely used by organizations due to its effectiveness and other features.
A Nessus plugin vulnerability was discovered and reported as part of the Tenable Vulnerability Disclosure Program (VDP).
The vulnerability involves a binary at a particular filesystem location on a scan target, which can allow threat actors to escalate privileges by abusing the plugin.
CVE-2023-2005: Tenable Plugin Privilege Escalation Vulnerability
An attacker with sufficient permissions on a scan target can place a binary on the filesystem in a specific location and abuse the plugin for escalating privileges.
Tenable assigned this vulnerability a CVSS score of 6.3 (medium). It was discovered by Patrick Romero, a security researcher at CrowdStrike.
Security Updates
Tenable has released security patches for this vulnerability. Their community post also mentioned that the Java Detection and Identification had been updated to prevent this privilege escalation vulnerability.
The likelihood of successfully exploiting this vulnerability is low. However, Tenable security researchers have released the necessary security patches for all the vulnerable products.
Affected Products
Products affected by this vulnerability include:
- Tenable.io
- Tenable Nessus
- Tenable Security Center
Users of the above-mentioned products are advised to apply the latest security update to prevent this vulnerability. New versions of the plugin can be found here.
Source: https://cybersecuritynews.com/nessus-plugin-flaw/