Tenable warns users to update now following possible plugin security issue
Share:
Users will need to manually update to restore Nessus agents. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Tenable has urged users to update their Nessus instances to avoid a potential plugin security issue.
![[coding]](https://vanilla.futurecdn.net/cyclingnews/media/img/missing-image.svg)
Tenable Nessus is a widely used vulnerability scanner that helps identify and assess security vulnerabilities, misconfigurations, and compliance issues in networks, applications, and systems. However, in the final hours of December 2024, the company said it was “aware of and actively investigating” an issue with Nessus agents going offline after plugin updates for certain users on all sites - and as a result, the company temporarily stopped plugin updates.
The incident apparently affected Nessus Agent versions 10.8.0 and 10.8.1, for users in North and Latin America, Europe, and Asia. To address the issue, Tenable released Nessus Agent version 10.8.2. "There is a known issue which can cause Tenable Nessus Agent 10.8.0 and 10.8.1 to go offline when a differential plugin update is triggered. To prevent such an issue, Tenable has disabled plugin feed updates for these two agent versions. Additionally, Tenable has disabled the 10.8.0 and 10.8.1 versions to prevent further issues," the release notes detailed.
Now, users are called to either upgrade to 10.8.2, or downgrade to 10.7.3 to bring their Nessus agents online. However, they also need to reset their plugins. “If you are using agent profiles for agent upgrades or downgrades, you must perform a separate plugin reset to recover any offline agents," the company concluded.
