Tenable Plugin Flaw Disrupts Nessus Agents Globally

Tenable has announced that customers must take the initiative to manually upgrade their software in order to restore the functionality of Nessus vulnerability scanner agents that were taken offline on December 31 due to problematic differential plugin updates.

In an incident report issued after halting plugin updates to prevent further complications, Tenable acknowledged that these agents went offline “for certain users across all locations.”

This ongoing incident affects systems that were updated to Nessus Agent versions 10.8.0 and 10.8.1 across the Americas, Europe, and Asia. Tenable has subsequently removed the flawed versions and introduced Nessus Agent version 10.8.2 to rectify the issue that caused the agents to suspend operation.

According to a recent update on their status page, Tenable intends to resume the plugin feed by the day’s end, allowing for plugin downloads to recommence.

“A known issue has emerged that can lead to Tenable Nessus Agent 10.8.0 and 10.8.1 going offline when a differential plugin update is initiated. To mitigate this, Tenable has disabled plugin feed updates for these two agent versions,” Tenable noted in the Nessus Agent 10.8.2 release notes.

Manual Upgrades Essential for Restoration

Customers affected by this issue must either upgrade to agent version 10.8.2 or revert to 10.7.3 to bring their Nessus agents back online. However, if agent profiles are utilized for these changes, a plugin reset is necessary to recover those offline agents.

Moreover, restoring functionality involves manually upgrading agents using the Tenable Nessus Agent 10.8.2 install package while resetting the agent plugins as needed, either via a script or using the nessuscli reset command.

It is worth noting that a similar situation occurred in July 2024, involving a faulty CrowdStrike Falcon update that led to significant outages, impacting numerous organizations worldwide, including banks, airlines, and hospitals.