Nessus Agent

by Tenable, Inc.v11.2.0.20301

Last updated Jun 8, 2026

Nessus Agents give you visibility into additional IT assets - even endpoints, and other remote assets that intermittently connect to the internet.

Visit homepage

Install with winget

$ winget install --id Tenable.NessusAgent --exact --version 11.2.0.20301

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Nessus Agent

Nessus Agent uses MSI. The silent install switches are /quiet /norestart.

One-line silent install (x64, machine scope)

msiexec.exe /i NessusAgent-11.2.0-x64.msi /quiet /norestart

See the full silent install reference for Nessus Agent →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

Installers · v11.2.0.20301

Architecture	Type	Scope	Install	Download
x64	MSI	machine		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

10 known CVEs via NVD

medium6.1Patched in wingetCVE-2026-2026affects before 11.0.4, 11.1.2Feb 13, 2026
A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service (DoS) attacks.
Vendor advisory
high7.8Patched in wingetCVE-2025-36632affects before 10.8.5Jun 16, 2025
In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute code with SYSTEM privilege.
Vendor advisory
high8.8Patched in wingetCVE-2025-36633affects before 10.8.5Jun 13, 2025
In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrarily delete local system files with SYSTEM privilege, potentially leading to local privilege escalation.
Vendor advisory
high8.4Patched in wingetCVE-2025-36631affects before 10.8.5Jun 13, 2025
In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM privilege.
Vendor advisory
medium6.7Patched in wingetCVE-2023-5847affects before 10.4.3Nov 1, 2023
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.
Vendor advisory
medium6.7Patched in wingetCVE-2021-20118affects <=8.3.0Sep 9, 2021
Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. This is different than CVE-2021-20117.
Patch Vendor advisory
medium6.7Patched in wingetCVE-2021-20117affects <=8.3.0Sep 9, 2021
Nessus Agent 8.3.0 and earlier was found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. This is different than CVE-2021-20118.
Patch Vendor advisory
high7.4Patched in wingetCVE-2021-3450affects >=8.2.1 and <=8.2.3Mar 25, 2021
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parame...
Patch Vendor advisory

Showing 8 of 10. Source: NVD, updated 3h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

Tenable NessusTenable, Inc.
Tenable.Nessusv10.12.0.20184
Vulnerability scanner developed by Tenable
Proton VPNProton AG
Proton.ProtonVPNv4.4.1
High-speed Swiss VPN that safeguards your privacy.
Sera AntivirusYash12007
Yash12007.SeraAntivirusv3.0.0
Minimal, calm antivirus with real-time safety score and built-in system tools.
ExpressVPNExpressVPN
ExpressVPN.ExpressVPNv12.104.0.128
High-Speed, Secure & Anonymous VPN Service.
Securepoint SSL VPNSecurepoint GmbH
SecurepointGmbH.SecurepointSSLVPNv2.0.47
SSLVPN Client for Securepoint UTM
2FAGuardTimo Kössler
timokoessler.2FAGuardv1.8.2
A modern and secure Windows app for managing your 2FA authentication codes

More from Tenable, Inc. or browse security, vulnerability.

Frequently asked questions

How do I install Nessus Agent on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Tenable.NessusAgent --exact --version 11.2.0.20301. winget downloads the installer from Tenable, Inc. and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Nessus Agent silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Tenable.NessusAgent --exact 11.2.0.20301 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Nessus Agent?

Nessus Agent uses MSI. Run the downloaded installer with: msiexec.exe /i NessusAgent-11.2.0-x64.msi /quiet /norestart. The silent switches are /quiet /norestart.

How do I uninstall Nessus Agent via winget?

Run: winget uninstall --id Tenable.NessusAgent --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Nessus Agent's Apps & Features entry.

Is Nessus Agent free?

Nessus Agent is distributed under Proprietary. Refer to the publisher (https://www.tenable.com/downloads/nessus-agents) for the full license terms - Wingetly itself does not charge for installation.

Does Nessus Agent work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Nessus Agent directly from the publisher.

How do I keep Nessus Agent up to date?

Run winget upgrade --id Tenable.NessusAgent --exact, or winget upgrade --all to update everything winget tracks. We index 1 version of Nessus Agent from microsoft/winget-pkgs.