CWE-250
Execution with Unnecessary Privileges
Description
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-104 · CAPEC-470 · CAPEC-69
CVEs mapped to this weakness (139)
page 1 of 7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-4606 | Cri | 0.65 | — | 0.00 | Mar 23, 2026 | GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. … | ||
| CVE-2026-25212 | Cri | 0.64 | 9.9 | 0.00 | Apr 2, 2026 | An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying… | ||
| CVE-2025-13375 | Cri | 0.64 | 9.8 | 0.01 | Feb 4, 2026 | IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system. | ||
| CVE-2024-8767 | Cri | 0.64 | 9.9 | 0.00 | Sep 17, 2024 | Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for… | ||
| CVE-2024-3330 | Cri | 0.64 | 9.9 | 0.01 | Jun 27, 2024 | Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code.This requires… | ||
| CVE-2024-27143 | — | Cri | 0.64 | 9.8 | 0.01 | Jun 14, 2024 | Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be… | |
| CVE-2023-4662 | Cri | 0.64 | 9.8 | 0.01 | Sep 15, 2023 | Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code Inclusion. This issue affects Saphira Connect: before 9. | ||
| CVE-2026-12027 | Cri | 0.62 | 9.6 | 0.00 | Jun 11, 2026 | Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-11167 | Cri | 0.62 | 9.6 | 0.00 | Jun 4, 2026 | Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2024-43655 | Cri | 0.61 | — | 0.01 | Jan 9, 2025 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – The attacker will first need to… | ||
| CVE-2024-43651 | Cri | 0.61 | — | 0.02 | Jan 9, 2025 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC models before version 241207101 Likelihood: Moderate – The binary does not seem to be… | ||
| CVE-2024-43650 | Cri | 0.61 | — | 0.02 | Jan 9, 2025 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Iocharger firmware for AC models allows OS Command Injection as root This issue affects firmware versions before 24120701. Likelihood: Moderate – The binary does… | ||
| CVE-2026-1346 | Cri | 0.60 | 9.3 | 0.00 | Apr 8, 2026 | IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate… | ||
| CVE-2025-6949 | — | Cri | 0.60 | — | 0.00 | Oct 17, 2025 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A critical authorization flaw in the API allows an authenticated, low-privileged user to create a new administrator account, including accounts with… | |
| CVE-2025-6893 | — | Cri | 0.60 | — | 0.01 | Oct 17, 2025 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in broken access control has been identified in the /api/v1/setting/data endpoint of the affected device. This flaw allows a low-privileged… | |
| CVE-2026-42833 | Cri | 0.59 | 9.1 | 0.01 | May 12, 2026 | Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network. | ||
| CVE-2025-42958 | Cri | 0.59 | 9.1 | 0.01 | Sep 9, 2025 | Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a… | ||
| CVE-2024-35783 | Cri | 0.59 | 9.1 | 0.01 | Sep 10, 2024 | A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions < V2020 SP2 Update 5), SIMATIC Information Server 2022 (All versions < V2022 SP1 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process… | ||
| CVE-2024-6834 | Cri | 0.59 | 9.0 | 0.00 | Jul 17, 2024 | A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected signing proxied request by Zowe's client certificate. This allows access to a user to the endpoints requiring an internal client certificate without any credentials. It could lead to… | ||
| CVE-2026-50566 | Cri | 0.57 | 9.9 | 0.00 | Jun 10, 2026 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation /… |
- risk 0.65cvss —epss 0.00
GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. During installation, ERM creates a Windows service that runs under the LocalSystem account. …
- risk 0.64cvss 9.9epss 0.00
An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying…
- risk 0.64cvss 9.8epss 0.01
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
- risk 0.64cvss 9.9epss 0.00
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Backup extension for Plesk (Linux) before build 555, Acronis Backup plugin for…
- risk 0.64cvss 9.9epss 0.01
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code.This requires…
- risk 0.64cvss 9.8epss 0.01
Toshiba printers use SNMP for configuration. Using the private community, it is possible to remotely execute commands as root on the remote printer. Using this vulnerability will allow any attacker to get a root access on a remote Toshiba printer. This vulnerability can be…
- risk 0.64cvss 9.8epss 0.01
Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code Inclusion. This issue affects Saphira Connect: before 9.
- risk 0.62cvss 9.6epss 0.00
Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- risk 0.62cvss 9.6epss 0.00
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.61cvss —epss 0.01
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – The attacker will first need to…
- risk 0.61cvss —epss 0.02
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC models before version 241207101 Likelihood: Moderate – The binary does not seem to be…
- risk 0.61cvss —epss 0.02
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Iocharger firmware for AC models allows OS Command Injection as root This issue affects firmware versions before 24120701. Likelihood: Moderate – The binary does…
- risk 0.60cvss 9.3epss 0.00
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate…
- risk 0.60cvss —epss 0.00
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A critical authorization flaw in the API allows an authenticated, low-privileged user to create a new administrator account, including accounts with…
- risk 0.60cvss —epss 0.01
An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in broken access control has been identified in the /api/v1/setting/data endpoint of the affected device. This flaw allows a low-privileged…
- risk 0.59cvss 9.1epss 0.01
Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network.
- risk 0.59cvss 9.1epss 0.01
Due to a missing authentication check in the SAP NetWeaver application on IBM i-series, the application allows high privileged unauthorized users to read, modify, or delete sensitive information, as well as access administrative or privileged functionalities. This results in a…
- risk 0.59cvss 9.1epss 0.01
A vulnerability has been identified in SIMATIC BATCH V9.1 (All versions), SIMATIC Information Server 2020 (All versions < V2020 SP2 Update 5), SIMATIC Information Server 2022 (All versions < V2022 SP1 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC06), SIMATIC Process…
- risk 0.59cvss 9.0epss 0.00
A vulnerability in APIML Spring Cloud Gateway which leverages user privileges by unexpected signing proxied request by Zowe's client certificate. This allows access to a user to the endpoints requiring an internal client certificate without any credentials. It could lead to…
- risk 0.57cvss 9.9epss 0.00
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.24.0, a tenant with environments.fission.io create/update RBAC can run privileged / allowPrivilegeEscalation /…