Severity Level: Critical
Title:
Tenable Nessus Agent Outage
Summary:
Tenable has reported an ongoing incident affecting customers using Nessus Agent versions 10.8.0
and 10.8.1, where vulnerability scanner agents were taken offline due to a faulty differential plugin
update. This issue, which affects systems across multiple regions, including the Americas, Europe,
and Asia, has caused the Nessus agents to stop functioning for certain users.
Incident Overview
• On December 31, 2024, Tenable Nessus agent's version 10.8.0 and 10.8.1 went offline due to
a buggy differential plugin update. The issue affected customers across multiple continents,
impacting vulnerability scanning capabilities
Impact:
o Nessus agents running versions 10.8.0 and 10.8.1 are offline and unable to perform
vulnerability scans.
o Tenable has temporarily disabled plugin feed updates for the affected versions to prevent
further issues.
o Vulnerability management processes relying on Nessus agents are disrupted.
Resolution Steps:
To resolve the issue, customers must take the following actions:
o Upgrade or Downgrade: Affected systems must be upgraded to Nessus Agent version
10.8.2 or downgraded to version 10.7.31.
o Plugin Reset: If using agent profiles for upgrades or downgrades, a separate plugin reset
is required to recover offline agents
o Manual Intervention: The fix requires manually upgrading agents using the Tenable
Nessus Agent 10.8.2 install package.
o Plugin Reset Options:
o Use a script provided in the release notes
o Execute the nessuscli reset command
Recommendations:
• Upgrade to Nessus Agent version 10.8.2 or downgrade to 10.7.3 and reset plugins.
• Organizations to perform plugin resets to recover agents that have gone offline.
• Robust change management processes for security tools.
• Maintaining older, stable versions for quick rollback scenarios.
References:
click here