Nessus contains a race condition in the Malicious Process Detection plugin that leads to unauthorized privileges being gained. The issue is due to the plugin creating a binary with a static name in the temporary folder. Once Nessus has started a scan, a low-level user may overwrite this binary, and it will be executed upon reboot of the device. This may allow a local attacker to gain elevated privileges.