HIGHCVE-2026-33694Published Modified CNA tenable
CVE-2026-33694: Junction File Manipulation
This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.
Metrics
- CVSS v4.0
- 7.4
- Severity
- HIGH
- Fixed in
- —
- Affected Products
- 1
Affected packages
- Tenable, Inc. / Tenable Nessus, Tenable Nessus Agent≤ 11.1.2 · ≤ 10.11.3
CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:PReferences