CVE-2014-2848
Nessus 5.2.1 - Local Privilege Escalation via WMI Malware Scan Plugin Race Condition
Title source: llmDescription
A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.
References (4)
Core 4
Core References
Various Sources x_refsource_misc
https://www.nccgroup.com/en/learning-and-research-centre/technical-advisories/nessus-authenticated-scan-local-privilege-escalation/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1029946
Vendor Advisory x_refsource_confirm
https://discussions.nessus.org/thread/7195
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/57403
Scores
EPSS
0.0003
EPSS Percentile
10.6%
Details
CWE
CWE-362
Status
published
Products (2)
tenable/nessus
5.2.1
tenable/plugin-set
< 201402092115
Published
Apr 11, 2014
Tracked Since
Feb 18, 2026