Nessus was found to be vulnerable to a local privilege escalation issue and a local denial of service condition due to insecure permissions when running in Agent Mode. This may allow an attacker to gain administrative privileges on the system hosting a Nessus agent. Note that these are very similar to, but different than the Agent issue fixed in version 6.10.4. A local privilege escalation exists due to insecure permissions. CVSSv2 7.2 / 5.6 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C). Tracked internally as NES-6137, CVE-2017-7850. A local denial of service condition exists due to insecure permissions that would stop the agent from conducting scans. CVSSv2 2.1 / 1.7 (AV:L/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:OF/RC:C). CVE-2017-7849