CVE-2024-3290

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published May 17, 2024

CWE ID 269

CWE ID 908

Summary

CVE-2024-3290 is a newly identified vulnerability affecting the Nessus vulnerability scanner running on Windows. An authenticated, local attacker can exploit a race condition in the software during installation, allowing them to manipulate installation parameters and execute arbitrary code on the vulnerable Nessus host. This could potentially result in unauthorized access, data theft, or further system compromise. Users are strongly urged to apply the forthcoming patch from Tenable, the vendor of Nessus, to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Google Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vfsXCs
https://www.cve.org/CVERecord?id=CVE-2024-3290
https://nvd.nist.gov/vuln/detail/CVE-2024-3290

Back to Vulnerability Database