CVE-2024-3291

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published May 17, 2024

CWE ID 190

CWE ID 787

Summary

CVE-2024-3291 is a vulnerability affecting Nessus Agent on Windows hosts. In versions prior to 10.6.4, installing the agent in a non-default directory did not ensue secure permissions for sub-directories. This oversight could potentially allow local privilege escalation if users failed to secure these directories, creating a risk for unauthorized access or system manipulation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Google Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vfsEuS
https://www.cve.org/CVERecord?id=CVE-2024-3291
https://nvd.nist.gov/vuln/detail/CVE-2024-3291

Back to Vulnerability Database