Unrated severityNVD Advisory· Published Apr 11, 2014· Updated May 6, 2026

CVE-2014-2848

Description

A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.

Affected products

Tenable/Nessus
cpe:2.3:a:tenable:nessus:5.2.1:*:*:*:*:*:*:*
Tenable/Plugin Set
cpe:2.3:a:tenable:plugin-set:*:*:*:*:*:*:*:*
Range: <=201402092115

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/57403nvdVendor Advisory
discussions.nessus.org/thread/7195nvdVendor Advisory
www.securitytracker.com/id/1029946nvd
www.nccgroup.com/en/learning-and-research-centre/technical-advisories/nessus-authenticated-scan-local-privilege-escalation/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000