SSH Misconfig in Tenable OT Exposes Service Info via GatewayPorts
CVE-2026-4433 Published on March 24, 2026

An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used to attempt to compromise the host.

NVD

Weakness Type

Configuration

Weaknesses in this category are typically introduced during the configuration of the software.

Affected Versions

Tenable, Inc. Tenable Operation Technology:

Version 3.18.58, <= 4.2.40 is affected.

SSH Misconfig in Tenable OT Exposes Service Info via GatewayPortsCVE-2026-4433 Published on March 24, 2026

Weakness Type

Configuration

Affected Versions

SSH Misconfig in Tenable OT Exposes Service Info via GatewayPorts
CVE-2026-4433 Published on March 24, 2026