Description
This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.
Published: 2026-04-23
Score: 7.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary code execution with SYSTEM privileges
Action: Immediate Patch
AI Analysis

Impact

This vulnerability permits an attacker to create a junction that can delete arbitrary files with SYSTEM privileges, thereby potentially enabling the execution of malicious code with elevated permissions. The flaw is a file system manipulation weakness that, if exploited, could compromise the integrity of the target system and lead to full system compromise.

Affected Systems

The affected products are Tenable Nessus and Tenable Nessus Agent. No specific version information is provided, so all installations of these products are considered potentially impacted until the vendor issues a fix.

Risk and Exploitability

The CVSS score of 7.4 indicates a high severity, while the EPSS score of less than 1% suggests a low probability of exploitation at the current time. The vulnerability is not listed in CISA’s KEV catalog. Based on the description, the likely attack vector is local exploitation by a user with enough privileges to run Nessus or its agent; an attacker would need to achieve or already possess SYSTEM-level rights to take advantage of the junction creation and file deletion capability. The potential for arbitrary code execution depends on additional conditions beyond the junction manipulation, but the capability is present if the attacker can orchestrate the deletion of system files and replace them with malicious binaries.

Generated by OpenCVE AI on April 28, 2026 at 14:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑provided Nessus update that removes the junction‑creation flaw.
  • Reconfigure the Nessus service to run under a least‑privilege account that lacks SYSTEM rights and deny permissions that allow creation or deletion of junctions on critical directories.
  • Use Windows file‑system permissions or AppLocker rules to block the creation of junction points for the Nessus process, thereby preventing the deletion of arbitrary files.

Generated by OpenCVE AI on April 28, 2026 at 14:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 02:00:00 +0000

Type Values Removed Values Added
First Time appeared Tenable
Tenable nessus
Tenable nessus Agent
Vendors & Products Tenable
Tenable nessus
Tenable nessus Agent

Thu, 23 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 18:45:00 +0000

Type Values Removed Values Added
Description This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.
Title Junction File Manipulation
Weaknesses CWE-59
References
Metrics cvssV4_0

{'score': 7.4, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P'}

Subscriptions

Tenable Nessus Nessus Agent
cve-icon MITRE

Status: PUBLISHED

Assigner: tenable

Published:

Updated: 2026-04-24T03:55:34.202Z

Reserved: 2026-03-23T16:39:06.329Z

Link: CVE-2026-33694

cve-icon Vulnrichment

Updated: 2026-04-23T18:51:09.791Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-23T19:17:28.073

Modified: 2026-04-24T14:50:56.203

Link: CVE-2026-33694

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T15:00:14Z

Weaknesses