{"id":47767,"date":"2026-04-28T22:41:50","date_gmt":"2026-04-28T15:41:50","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=47767"},"modified":"2026-05-05T22:42:37","modified_gmt":"2026-05-05T15:42:37","slug":"lo-hong-nessus-agent-cho-phep-chiem-quyen-system-tu-tai-khoan-thuong","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/lo-hong-nessus-agent-cho-phep-chiem-quyen-system-tu-tai-khoan-thuong\/","title":{"rendered":"L\u1ed7 h\u1ed5ng Nessus Agent cho ph\u00e9p chi\u1ebfm quy\u1ec1n SYSTEM t\u1eeb t\u00e0i kho\u1ea3n th\u01b0\u1eddng"},"content":{"rendered":"<div><b>M\u1ed9t l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng mang m\u00e3 CVE-2026-33694 v\u1eeba \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1. L\u1ed7 h\u1ed5ng kh\u00f4ng ch\u1ec9 c\u00f3 m\u1ee9c \u0111\u1ed9 \u1ea3nh h\u01b0\u1edfng cao m\u00e0 c\u00f2n t\u1ed3n t\u1ea1i ngay trong Nessus Agent, c\u00f4ng c\u1ee5 \u0111\u01b0\u1ee3c tri\u1ec3n khai \u0111\u1ec3 ph\u00e1t hi\u1ec7n l\u1ed7 h\u1ed5ng. \u0110\u00e1ng ch\u00fa \u00fd, k\u1ebb t\u1ea5n c\u00f4ng ch\u1ec9 c\u1ea7n quy\u1ec1n ng\u01b0\u1eddi d\u00f9ng th\u00f4ng th\u01b0\u1eddng c\u0169ng c\u00f3 th\u1ec3 leo thang l\u00ean quy\u1ec1n SYSTEM, m\u1ee9c \u0111\u1eb7c quy\u1ec1n cao nh\u1ea5t tr\u00ean Windows.<\/b><br \/>\n\u200b<\/div>\n<div>\n<div class=\"bbImageWrapper  js-lbImage\" title=\"1777372187566.png\" data-src=\"https:\/\/whitehat.vn\/attachments\/1777372187566-png.18929\/\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-single-image=\"1\"><img loading=\"lazy\" decoding=\"async\" class=\"bbImage\" title=\"1777372187566.png\" src=\"https:\/\/whitehat.vn\/attachments\/1777372187566-png.18929\/\" alt=\"1777372187566.png\" width=\"765\" height=\"426\" data-url=\"\" data-zoom-target=\"1\" \/><\/div>\n<p>\u200b<\/p><\/div>\n<div>\nNguy\u00ean nh\u00e2n n\u1eb1m \u1edf m\u1ed9t l\u1ed7i thu\u1ed9c nh\u00f3m CWE-59 (Link Following), k\u1ebft h\u1ee3p v\u1edbi k\u1ef9 thu\u1eadt race condition v\u00e0 NTFS Junction Point. N\u00f3i d\u1ec5 hi\u1ec3u, k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 \u201c\u0111\u00e1nh l\u1eeba\u201d ti\u1ebfn tr\u00ecnh Nessus Agent v\u1ed1n ch\u1ea1y v\u1edbi quy\u1ec1n SYSTEM, thao t\u00e1c tr\u00ean m\u1ed9t th\u01b0 m\u1ee5c t\u01b0\u1edfng l\u00e0 h\u1ee3p l\u1ec7 nh\u01b0ng th\u1ef1c ch\u1ea5t \u0111\u00e3 b\u1ecb chuy\u1ec3n h\u01b0\u1edbng sang v\u1ecb tr\u00ed nh\u1ea1y c\u1ea3m trong h\u1ec7 th\u1ed1ng. Ch\u1eb3ng h\u1ea1n, th\u01b0 m\u1ee5c t\u1ea1m c\u1ee7a Nessus c\u00f3 th\u1ec3 b\u1ecb tr\u1ecf ng\u1ea7m sang C:\\Windows\\System32, khi\u1ebfn qu\u00e1 tr\u00ecnh d\u1ecdn d\u1eb9p v\u00f4 t\u00ecnh x\u00f3a nh\u1ea7m c\u00e1c file h\u1ec7 th\u1ed1ng quan tr\u1ecdng.<\/p>\n<p>T\u1eeb \u0111\u00e2y, c\u00e2u chuy\u1ec7n kh\u00f4ng d\u1eebng l\u1ea1i \u1edf vi\u1ec7c ph\u00e1 ho\u1ea1i. Khi m\u1ed9t DLL quan tr\u1ecdng b\u1ecb x\u00f3a, k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 l\u1ee3i d\u1ee5ng c\u01a1 ch\u1ebf t\u00ecm ki\u1ebfm DLL c\u1ee7a Windows \u0111\u1ec3 \u201cc\u1ea5y\u201d m\u1ed9t file \u0111\u1ed9c h\u1ea1i v\u00e0o v\u1ecb tr\u00ed \u01b0u ti\u00ean cao h\u01a1n. Khi d\u1ecbch v\u1ee5 kh\u1edfi \u0111\u1ed9ng l\u1ea1i, h\u1ec7 th\u1ed1ng s\u1ebd n\u1ea1p DLL gi\u1ea3 n\u00e0y, qua \u0111\u00f3 cho ph\u00e9p th\u1ef1c thi m\u00e3 v\u1edbi quy\u1ec1n SYSTEM. \u0110\u00e2y l\u00e0 k\u1ef9 thu\u1eadt quen thu\u1ed9c trong gi\u1edbi t\u1ea5n c\u00f4ng, th\u01b0\u1eddng \u0111\u01b0\u1ee3c g\u1ecdi l\u00e0 DLL hijacking, nh\u01b0ng trong tr\u01b0\u1eddng h\u1ee3p n\u00e0y n\u00f3 \u0111\u01b0\u1ee3c k\u00edch ho\u1ea1t th\u00f4ng qua m\u1ed9t l\u1ed7i x\u00f3a file.<\/p>\n<p>V\u1edbi \u0111i\u1ec3m CVSS 8,2, l\u1ed7 h\u1ed5ng CVE-2026-33694 \u0111\u01b0\u1ee3c \u0111\u00e1nh gi\u00e1 l\u00e0 nguy hi\u1ec3m, \u0111\u1ed3ng th\u1eddi d\u1ec5 b\u1ecb khai th\u00e1c: kh\u00f4ng c\u1ea7n ng\u01b0\u1eddi d\u00f9ng thao t\u00e1c g\u00ec, kh\u00f4ng y\u00eau c\u1ea7u \u0111i\u1ec1u ki\u1ec7n \u0111\u1eb7c bi\u1ec7t v\u00e0 k\u1ebb t\u1ea5n c\u00f4ng ch\u1ec9 c\u1ea7n c\u00f3 quy\u1ec1n truy c\u1eadp ban \u0111\u1ea7u \u1edf m\u1ee9c t\u00e0i kho\u1ea3n th\u00f4ng th\u01b0\u1eddng l\u00e0 \u0111\u1ee7. Trong th\u1ef1c t\u1ebf, k\u1ecbch b\u1ea3n t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 b\u1eaft \u0111\u1ea7u t\u1eeb m\u1ed9t t\u00e0i kho\u1ea3n b\u1ecb l\u1ed9 qua phishing ho\u1eb7c m\u1ed9t l\u1ed7 h\u1ed5ng web, sau \u0111\u00f3 nhanh ch\u00f3ng leo thang \u0111\u1eb7c quy\u1ec1n th\u00f4ng qua Nessus Agent \u0111\u1ec3 chi\u1ebfm to\u00e0n b\u1ed9 h\u1ec7 th\u1ed1ng.<\/p>\n<p>\u0110\u00e1ng quan ng\u1ea1i h\u01a1n l\u00e0 Nessus th\u01b0\u1eddng \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t tr\u00ean c\u00e1c m\u00e1y ch\u1ee7 ho\u1eb7c endpoint quan tr\u1ecdng. \u0110i\u1ec1u n\u00e0y bi\u1ebfn m\u1ed9t c\u00f4ng c\u1ee5 b\u1ea3o m\u1eadt th\u00e0nh \u0111i\u1ec3m t\u1ea5n c\u00f4ng ti\u1ec1m n\u0103ng, m\u1ed9t \u201cngh\u1ecbch l\u00fd\u201d kh\u00f4ng hi\u1ebfm g\u1eb7p khi c\u00e1c agent c\u00f3 \u0111\u1eb7c quy\u1ec1n cao l\u1ea1i \u00edt b\u1ecb gi\u00e1m s\u00e1t ch\u1eb7t ch\u1ebd.<\/p>\n<p>Tr\u01b0\u1edbc r\u1ee7i ro n\u00e0y, c\u00e1c t\u1ed5 ch\u1ee9c n\u00ean nhanh ch\u00f3ng c\u1eadp nh\u1eadt l\u00ean Nessus Agent phi\u00ean b\u1ea3n 11.1.3, \u0111\u1ed3ng th\u1eddi t\u0103ng c\u01b0\u1eddng gi\u00e1m s\u00e1t c\u00e1c h\u00e0nh vi b\u1ea5t th\u01b0\u1eddng nh\u01b0 t\u1ea1o junction tr\u00e1i ph\u00e9p, ki\u1ec3m so\u00e1t quy\u1ec1n truy c\u1eadp th\u01b0 m\u1ee5c l\u00e0m vi\u1ec7c v\u00e0 theo d\u00f5i t\u00ednh to\u00e0n v\u1eb9n c\u1ee7a DLL h\u1ec7 th\u1ed1ng. CVE-2026-33694 kh\u00f4ng ph\u1ea3i l\u00e0 l\u1ed7 h\u1ed5ng ph\u1ee9c t\u1ea1p, nh\u01b0ng l\u1ea1i \u0111\u1ee7 th\u1ef1c d\u1ee5ng \u0111\u1ec3 tr\u1edf th\u00e0nh b\u00e0n \u0111\u1ea1p nguy hi\u1ec3m n\u1ebfu b\u1ecb khai th\u00e1c trong m\u00f4i tr\u01b0\u1eddng th\u1ef1c t\u1ebf.<br \/>\n\u200b<\/p><\/div>\n<div style=\"text-align: right;\"><b><i>Theo Cyber Press<\/i><\/b><\/div>\n","protected":false},"excerpt":{"rendered":"<p>M\u1ed9t l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng mang m\u00e3 CVE-2026-33694 v\u1eeba \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1. L\u1ed7 h\u1ed5ng kh\u00f4ng ch\u1ec9 c\u00f3 m\u1ee9c \u0111\u1ed9 \u1ea3nh h\u01b0\u1edfng cao m\u00e0 c\u00f2n t\u1ed3n t\u1ea1i ngay trong Nessus Agent, c\u00f4ng c\u1ee5 \u0111\u01b0\u1ee3c tri\u1ec3n khai \u0111\u1ec3 ph\u00e1t hi\u1ec7n l\u1ed7 h\u1ed5ng. \u0110\u00e1ng ch\u00fa \u00fd, k\u1ebb t\u1ea5n c\u00f4ng ch\u1ec9 c\u1ea7n quy\u1ec1n ng\u01b0\u1eddi d\u00f9ng th\u00f4ng th\u01b0\u1eddng c\u0169ng c\u00f3 [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":47768,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[4,24,35],"tags":[],"class_list":["post-47767","post","type-post","status-publish","format-standard","has-post-thumbnail","category-kien-thuc-an-toan-thong-tin","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47767","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=47767"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47767\/revisions"}],"predecessor-version":[{"id":47769,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47767\/revisions\/47769"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/47768"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=47767"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=47767"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=47767"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}