CVE-2025-36636 is an improper access control vulnerability identified in Tenable Security Center versions prior to 6.7.0. The vulnerability allows an unauthenticated attacker to bypass access restrictions and gain unauthorized access to sensitive areas of the Security Center. This is particularly critical because Tenable Security Center is widely used for vulnerability management and security monitoring, meaning unauthorized access could expose sensitive security data, configuration settings, and potentially allow manipulation of security policies. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and high impact on confidentiality, integrity, and availability (VC:H/VI:H/VA:H). This combination makes the vulnerability extremely severe, as it can be exploited remotely without authentication or user interaction, leading to full compromise of the affected system. Although no exploits have been reported in the wild yet, the critical nature of the flaw demands immediate attention. The vulnerability was reserved in April 2025 and published in October 2025, indicating recent discovery and disclosure. The lack of available patches at the time of reporting suggests organizations must prioritize upgrading to version 6.7.0 or later once available. Given Tenable Security Center’s role in managing vulnerabilities and security posture, exploitation could allow attackers to evade detection, manipulate vulnerability data, or disrupt security operations.

For European organizations, the impact of CVE-2025-36636 is significant. Unauthorized access to Tenable Security Center could lead to exposure of sensitive vulnerability data and security configurations, undermining the integrity of security monitoring and response. This could facilitate further attacks by hiding vulnerabilities or disabling security alerts. Critical infrastructure operators, financial institutions, and government agencies relying on Tenable products for security management face heightened risk of espionage, data breaches, or operational disruption. The vulnerability’s ease of exploitation and lack of authentication requirements increase the likelihood of attacks, potentially affecting a broad range of organizations. Disruption or compromise of security management tools can have cascading effects on overall cybersecurity posture, increasing the risk of secondary attacks and compliance violations under regulations such as GDPR and NIS Directive.

Organizations should immediately plan to upgrade Tenable Security Center to version 6.7.0 or later once the patch is released. Until then, implement strict network segmentation to isolate the Security Center from untrusted networks and limit access to trusted administrators only. Employ robust firewall rules and access control lists to restrict inbound connections to the Security Center. Monitor logs and network traffic for anomalous access attempts or unusual activity patterns indicative of exploitation attempts. Conduct regular audits of user permissions within the Security Center to ensure least privilege principles are enforced. Consider deploying additional intrusion detection/prevention systems focused on the Security Center environment. Engage with Tenable support for any available interim mitigations or workarounds. Finally, update incident response plans to include scenarios involving compromise of security management tools.