CVE-2021-20099

MEDIUM

Nessus Agent < 8.2.4 - Authenticated Local Privilege Escalation via Windows Executable Execution

Title source: llm
STIX 2.1

Description

Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.tenable.com/security/tns-2021-12

Scores

CVSS v3 6.7
EPSS 0.0006
EPSS Percentile 19.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
tenable/nessus < 8.2.4
Published Jun 28, 2021
Tracked Since Feb 18, 2026