Bad Tenable Plugin Updates Take Down Nessus Agents Globally

<p>Tenable, a leading cybersecurity company, has acknowledged a widespread issue that rendered its Nessus vulnerability scanner agents offline. The incident, which began on December 31, 2024, was caused by buggy differential plugin updates. Affected customers must now take manual steps to bring their systems back online.</p>
<h2>What Went Wrong with Nessus Agents?</h2>
<p>The problem arose after plugin updates were applied to Nessus Agent versions 10.8.0 and 10.8.1. As per Tenable’s incident report, the updates disrupted agents for “certain users on all sites,” leading to a global outage that affected systems in the Americas, Europe, and Asia. In response, Tenable paused plugin updates to prevent the issue from spreading further.</p>
<p>Tenable has since released Nessus Agent version 10.8.2 to address the problem, pulling the flawed versions from circulation. The company announced plans to resume plugin feed updates by the end of the day, ensuring that future updates can be downloaded without triggering new issues.</p>
<p><a href="https://www.theibulletin.com/wp-content/uploads/2025/01/Nessus-vulnerability-scanner-software-update-issue.jpg"><img class="aligncenter size-full wp-image-56262" src="https://www.theibulletin.com/wp-content/uploads/2025/01/Nessus-vulnerability-scanner-software-update-issue.jpg" alt="Nessus vulnerability scanner software update issue" width="1873" height="461" /></a></p>
<h2>Manual Upgrades: A Necessary Step for Recovery</h2>
<p>While the new agent version fixes the problem, recovering affected systems requires manual intervention. Customers must either:</p>
<ul>
<li>Upgrade their agents to version 10.8.2.</li>
<li>Downgrade to the older, stable version 10.7.3.</li>
</ul>
<p>However, for those using agent profiles for upgrades or downgrades, the recovery process also includes a plugin reset. This step is crucial to bringing the offline agents back into operation.</p>
<p>Tenable provided detailed instructions for users, including:</p>
<ul>
<li>Downloading and installing the Nessus Agent 10.8.2 package.</li>
<li>Resetting plugins using a shared script or the <code>nessuscli reset</code> command.</li>
</ul>
<p>The process may be cumbersome, but it’s the only solution to restore functionality.</p>
<h2>Broader Implications for Cybersecurity</h2>
<p>This isn’t the first time a software update has caused chaos on a global scale. In July 2024, a faulty CrowdStrike Falcon update triggered blue screen of death (BSOD) errors across hundreds of thousands of Windows systems worldwide. The incident brought down banks, airlines, hospitals, and other critical infrastructures.</p>
<p>While the Tenable issue hasn’t reached the same level of disruption, it highlights a persistent challenge in the cybersecurity industry: balancing rapid deployment with rigorous testing. Faulty updates can jeopardize not just individual systems but entire networks and services.</p>
<p>To manage this incident effectively, Tenable has advised users to take the following steps:</p>
<ul>
<li>Upgrade Agents: Move to Nessus Agent version 10.8.2 to prevent further disruptions.</li>
<li>Downgrade if Necessary: For those unable to upgrade, version 10.7.3 remains a stable fallback.</li>
<li>Reset Plugins: Perform a plugin reset if agent profiles are used.</li>
</ul>
<p>Here’s a quick checklist for affected organizations:</p>
<ul>
<li>Ensure access to the necessary installation packages.</li>
<li>Verify agent versions and take appropriate upgrade or downgrade actions.</li>
<li>Reset plugins manually using Tenable’s provided tools.</li>
</ul>
<p>This recovery process, while inconvenient, is critical for regaining operational functionality.</p>
<p>Tenable’s swift response—pulling the faulty updates and providing a fixed version—has helped limit the damage. However, this incident underscores the need for robust quality control in software updates, especially for tools as critical as vulnerability scanners.</p>
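<p>The "verify agent versions" step in the checklist above can be scripted against an asset inventory. The following is an added example, not code from Tenable or from the original article; the CSV column names and host names are constructed, and only the version numbers come from the article.</p>

```python
import csv
import io
import re

# Version numbers as stated in the article.
AFFECTED = {(10, 8, 0), (10, 8, 1)}
FIXED = (10, 8, 2)
FALLBACK = (10, 7, 3)

# Constructed inventory export (hypothetical columns and hosts).
SAMPLE_INVENTORY = """hostname,agent_version,uses_agent_profile
web-01,10.8.1,no
db-02,10.8.0-el8,yes
build-03,10.7.3,no
vpn-04,10.8.2,yes
lab-05,unknown,no
"""

def fmt(version):
    return ".".join(str(part) for part in version)

def parse_version(text):
    """Return (major, minor, patch), ignoring packaging suffixes, or None."""
    m = re.match(r"\s*(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(g) for g in m.groups()) if m else None

def plan_for(version, uses_profile):
    """Map one agent to the recovery steps the article lists."""
    if version is None:
        return ["check version manually"]  # never assume an unreadable field is safe
    if version not in AFFECTED:
        return []
    steps = [f"upgrade to {fmt(FIXED)} or downgrade to {fmt(FALLBACK)}"]
    if uses_profile:
        steps.append("reset plugins")
    return steps

def triage(inventory_csv):
    """Return {hostname: [steps]} for every host that needs action."""
    plan = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        version = parse_version(row["agent_version"])
        uses_profile = row["uses_agent_profile"].strip().lower() == "yes"
        steps = plan_for(version, uses_profile)
        if steps:
            plan[row["hostname"]] = steps
    return plan

if __name__ == "__main__":
    for host, steps in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {'; then '.join(steps)}")
```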

Navin is a 28-year-old who enjoys going to the movies, hockey and podcasting. He is generous and creative, but can also be very evil and a bit impatient.
