6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp directory with a Trojan horse program.
CPE | Name | Operator | Version |
---|---|---|---|
tenable:nessus | tenable nessus | eq | 5.2.1 |
tenable:plugin-set | tenable plugin-set | le | 201402092115 |