The CERT-FR reported multiple vulnerabilities in Tenable products, allowing attackers to execute arbitrary code and obtain privilege escalation. Affected systems include Nessus versions prior to 10.7
3 and Nessus agent versions prior to 10.6.4. Remediation details can be found in the security bulletins tns-2024-08 and tns-2024-09 released by Tenable on May 16, 2024, with corresponding CVE references (CVE-2024-3289, CVE-2024-3290, CVE-2024-3291, CVE-2024-3292) for each vulnerability.https://www.cert.ssi.gouv.fr/avis/CERTFR-2024-AVI-0415/