Three CVEs, One Risk: Arbitrary Code Execution in Nessus Agent for Windows

In this episode, we dive deep into one of the most critical attack techniques in modern cyber warfare: privilege escalation—and how it recently hit center stage with three high-severity vulnerabilities discovered in Tenable’s Nessus Agent for Windows.

We break down CVE-2025-36631, CVE-2025-36632, and CVE-2025-36633, which, when exploited, allow a non-administrative user to gain SYSTEM-level access, execute arbitrary code, delete critical files, or overwrite system content. These vulnerabilities, patched in version 10.8.5 of Nessus Agent, represent a textbook example of how privilege escalation paves the way for arbitrary code execution (ACE) and potential ransomware deployment.

In the second half of the episode, we unpack:
 🛠️ What privilege escalation is, including vertical and horizontal types
 📊 Real-world exploitation paths on Windows systems
 🔐 Why tools like BloodHound, winPEAS, and PowerUp are favorites among threat actors
 📉 The security impact of misconfigured services, overprivileged accounts, and weak registry settings
 ✅ And most importantly: what your organization can do to detect, prevent, and mitigate privilege escalation attacks before they spiral out of control

With privilege escalation playing a central role in everything from data breaches to ransomware infections, this episode is a must-listen for IT admins, security professionals, and anyone responsible for hardening their organization’s defenses.

🔄 Don't forget to patch your Nessus Agents, enforce least privilege, and audit your environments regularly.