CVE-2026-2026
Weak File Permissions in Nessus Agent on Windows Allow DoS
Publication date: 2026-02-13
Last updated on: 2026-02-24
Assigner: Tenable Network Security, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tenable | nessus_agent | to 11.0.4 (exc) |
| tenable | nessus_agent | From 11.1.0 (inc) to 11.1.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2026 is a vulnerability in Tenable's Nessus Agent on Windows hosts caused by weak file permissions in the Nessus Agent directory.
These weak permissions could allow unauthorized users with local access to gain entry to the directory, potentially enabling them to cause Denial of Service (DoS) attacks.
The issue is classified under CWE-276: Incorrect Default Permissions. [1]
How can this vulnerability impact me?
This vulnerability can impact you by allowing unauthorized local users with low privileges to access the Nessus Agent directory on Windows hosts.
Such access could lead to Denial of Service (DoS) attacks, which would disrupt the availability of the Nessus Agent service.
The confidentiality impact is low, and there is no impact on integrity, but the availability impact is high.
Therefore, the main risk is service disruption rather than data compromise.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves weak file permissions in the Nessus Agent directory on Windows hosts, which could allow unauthorized access.
To detect this vulnerability on your system, you should check the file permissions of the Nessus Agent directory on Windows hosts to ensure they are not overly permissive.
While specific commands are not provided in the resources, a typical approach on Windows would be to use PowerShell commands such as "Get-Acl" to review the Access Control Lists (ACLs) of the Nessus Agent directory and its files.
- Example command: Get-Acl -Path 'C:\Program Files\Tenable\Nessus Agent' | Format-List
Review the output for any permissions that allow unauthorized users to access or modify files. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate and recommended step to mitigate this vulnerability is to upgrade the Nessus Agent to a fixed version.
- Upgrade Nessus Agent to version 11.0.4 or 11.1.2 or later, which correct the file permissions issue.
These fixed versions are available from the Tenable Downloads Portal.
Prompt patching is emphasized to prevent unauthorized access and potential Denial of Service attacks.