从网页截图中获取到的关于漏洞的关键信息如下: 漏洞信息 CVE ID: CVE-2025-36640 Tenable Advisory ID: TNS-2026-01 Risk Factor: High 漏洞描述 Synopsis: A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileges. 影响的产品 Nessus Agent prior to 11.0.0 and 11.0.2 修复措施 Nessus Agent 11.0.3 and Nessus Agent 10.9.3 are available from the Tenable Downloads Portal: https://www.tenable.com/download/nessus-agents. 披露时间线 2025-11-03: Report received by Tenable 2025-12-09: Report confirmed as valid 2026-01-07: Nessus Agent 11.0.3 and Agent 10.9.3 released 顾问时间线 2026-01-07: [R1] Initial Release 风险评估分数 CVSSv3 Base / Temporal Score: 8.8 / 7.9 CVSSv3 Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C CVSSv4 Base Score: 7.3 CVSSv4 Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/IM:H/IH:H/IA:H/SA:H/RE:A/RL:O/RO:C/CV:H/CA:H/TI:H/TE:H/EF:H/RL:O/RC:C