Tenable Blog

Tenable Research has discovered multiple memory corruption issues in Rockwell Automation RSLinx Classic Lite 4.00.01 that may allow for remote code execution or denial of service. Customers are encouraged to update their software.

In honor of the 20th anniversary of Nessus this year, we've been asking users around the world to answer the question, "I love Nessus because...." Here, Tenable's VP and Deputy CTO Glen Pendley does just that, sharing his experiences working with Nessus over the past two decades – and tells us how it delivered his first rock-star moment.

Editor's Note: This blog post was updated on Monday, October 1, to include a look at the new features introduced in Nessus 8.

Tenable Research discovered a major software flaw, dubbed Peekaboo, which gives cyber criminals control of certain video surveillance cameras, allowing them to secretly monitor, tamper with and even disable feeds. Here’s a quick look at what we know today.

Tenable Researcher Chris Lyne discovered that Advantech WebAccess versions 8.3, 8.3.1 and 8.3.2 are still vulnerable to remote command execution CVE-2017-16720, which was originally disclosed by ZDI in January 2018 and has a public exploit.

In August, Tenable Research voted to highlight CVE-2018-2893 in Oracle WebLogic Server because it was almost immediately exploited by multiple threat actors.

Novelty, sophistication or just plain weirdness are some of the potential criteria we use to select the Tenable vulnerability of the month. We collect nominations from our 70+ research team members, shortlist the finalists and give the entire team the chance to vote – combining the total experience and knowledge of Tenable Research to identify the vulnerability of the month.