Privilege Escalation via Race Condition in Nessus 5.2.1

Privilege Escalation via Race Condition in Nessus 5.2.1

CVE-2014-2848 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.

Learn more about our User Device Pen Test.