Tenable Nessus Agents Offline Due to Plugin Bug, Manual Upgrade Required

Summary:
On December 31, 2024, Tenable Nessus vulnerability scanner agents were taken offline due to a buggy differential plugin update that impacted users globally. This issue affected Nessus Agent versions 10.8.0 and 10.8.1 across the Americas, Europe, and Asia. Tenable has since pulled these faulty versions and released Nessus Agent version 10.8.2 to resolve the problem and restore agent functionality.

Tenable temporarily paused plugin updates to prevent the issue from spreading but has confirmed that affected customers must perform manual upgrades to restore offline agents. The new 10.8.2 release addresses the bug that caused agents to shut down during plugin updates.

Nessus, a leading vulnerability scanner, is crucial in identifying and mitigating risks within enterprise environments. Disruptions like this can expose organizations to threats if scanner agents remain offline.

This issue reflects a broader industry challenge: Automatic updates, while convenient, can introduce widespread vulnerabilities. Organizations relying on Nessus should ensure they apply updates manually and monitor Tenable’s advisories closely to avoid operational disruptions.

The comparison to the CrowdStrike Falcon update incident in July 2024 serves as a reminder of how software glitches can escalate into large-scale outages, underscoring the need for comprehensive testing protocols and rollback strategies.

Suggested Corrections:
To recover offline Nessus agents and restore scanning capabilities, Tenable advises customers to:

  1. Manually Upgrade to Nessus Agent 10.8.2: Download and install the latest agent version to resolve the bug.
  2. Downgrade to Version 10.7.3 (Optional): If upgrading is not feasible, users can revert to the previous stable version (10.7.3).
  3. Perform Plugin Reset (If Required):For customers using agent profiles during upgrades, a plugin reset is necessary to bring agents back online. This can be done by:
    • Running the provided reset script (found in the 10.8.2 release notes).
    • Executing the nessuscli reset command.
  4. Monitor Plugin Updates: Tenable plans to resume plugin feed updates, but users should stay informed via Tenable’s status page for ongoing updates and advisories.

Link(s):
https://www.bleepingcomputer.com/ne...in-updates-take-down-nessus-agents-worldwide/

Contact Us for Threat Assistance Back to Current Threats

Just Starting?



Contact LACyber for More Info

Form Temporarily Disabled
Please Call 716 871-7040 for Service


Current Active Cyber Threats