Tenable Nessus Agents Offline Worldwide After Buggy Plugin Update

Tenable's vulnerability management platform has been experiencing significant disruptions after a problematic plugin update caused Nessus agents to go offline globally. The issue specifically affects Tenable Vulnerability Management and Tenable Security Center customers running Nessus Agent versions 10.8.0 and 10.8.1.

The company acknowledged the widespread problem, which impacts systems across the Americas, Europe, and Asia. To prevent further complications, Tenable has disabled plugin feed updates for these specific agent versions and suspended the 10.8.0 and 10.8.1 versions entirely.

Customers facing this issue must take immediate action to restore their Nessus agents' functionality. Tenable recommends two primary solutions: upgrading agents to version 10.8.2 or downgrading version to 10.7.3. However, the resolution process is not straightforward and requires additional steps, particularly for those using agent profiles for upgrades or downgrades.

Importantly, simply upgrading or downgrading is not enough. Affected users must also perform a separate plugin reset to recover offline agents. This can be accomplished either by using a script provided in the release notes or by executing the nessuscli reset command.

The manual intervention required highlights the complexity of the issue and the potential risks associated with automatic software updates. Tenable has been transparent about the problem, providing detailed instructions for customers to mitigate the agent offline situation.

This incident draws parallels to previous large-scale technical disruptions in the cybersecurity industry, such as the CrowdStrike Falcon update in July 2024 that caused widespread system outages. While the scale may differ, such events underscore the critical importance of careful software update management and robust recovery procedures.

For organizations relying on Tenable's vulnerability management tools, the recommended course of action is to carefully follow Tenable's guidance. This includes verifying current agent versions, preparing the necessary upgrade or downgrade packages, and being prepared to reset plugins to restore full system functionality.

As the cybersecurity landscape continues to evolve, incidents like these serve as important reminders of the potential vulnerabilities in even the most sophisticated security management systems. Vigilance, prompt action, and following vendor-provided guidance remain crucial in maintaining robust cybersecurity infrastructure.

Found this article interesting? Keep visit thesecmaster.com, and our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, and Instagram and subscribe to receive tips like this. 

You may also like these articles: Here are the 5 most contextually relevant blog posts: