CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-2848

A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.4%

CVSS Severity

CVSS v2 Score 6.9

References

http://secunia.com/advisories/57403
http://www.securitytracker.com/id/1029946
https://discussions.nessus.org/thread/7195
https://www.nccgroup.com/en/learning-and-research-centre/technical-advisories/nessus-authenticated-scan-local-privilege-escalation/
http://secunia.com/advisories/57403
http://www.securitytracker.com/id/1029946
https://discussions.nessus.org/thread/7195
https://www.nccgroup.com/en/learning-and-research-centre/technical-advisories/nessus-authenticated-scan-local-privilege-escalation/

Products affected by CVE-2014-2848

Tenable » Nessus » Version: 5.2.1

cpe:2.3:a:tenable:nessus:5.2.1
Tenable » Plugin-Set » Version: 201402092115

cpe:2.3:a:tenable:plugin-set:201402092115

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-2848

Products

Pricing

Contact Us