CWE-250
Execution with Unnecessary Privileges
Description
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-104 · CAPEC-470 · CAPEC-69
CVEs mapped to this weakness (139)
page 2 of 7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46748 | Hig | 0.57 | 8.8 | 0.00 | Jun 9, 2026 | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in… | ||
| CVE-2026-44477 | Cri | 0.57 | 9.9 | 0.00 | May 28, 2026 | CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session… | ||
| CVE-2026-32673 | — | Hig | 0.57 | 8.7 | 0.00 | May 13, 2026 | A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In appliance mode deployments, a successful exploit can allow the… | |
| CVE-2026-32643 | Hig | 0.57 | 8.7 | 0.00 | May 13, 2026 | A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical… | ||
| CVE-2026-34877 | Cri | 0.57 | 9.8 | 0.00 | Apr 2, 2026 | An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code… | ||
| CVE-2025-13506 | Hig | 0.57 | 8.8 | 0.00 | Dec 12, 2025 | Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database. This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1. | ||
| CVE-2025-32445 | Cri | 0.57 | 9.9 | 0.01 | Apr 15, 2025 | Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The… | ||
| CVE-2025-22368 | Hig | 0.57 | — | 0.01 | Mar 11, 2025 | The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS commands are improperly neutralized when certain fields are passed to the underlying OS. | ||
| CVE-2025-22367 | Hig | 0.57 | — | 0.01 | Mar 11, 2025 | The authenticated time setting capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS. | ||
| CVE-2025-22366 | Hig | 0.57 | — | 0.01 | Mar 11, 2025 | The authenticated firmware update capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS. | ||
| CVE-2024-43654 | Hig | 0.57 | 8.8 | 0.02 | Jan 9, 2025 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Iocharger firmware for AC models allows OS Command Injection as root This issue affects all Iocharger AC EV charger models on a firmware version before 25010801. Likelihood:… | ||
| CVE-2024-43653 | Hig | 0.57 | 8.8 | 0.02 | Jan 9, 2025 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – The binary does not… | ||
| CVE-2024-43652 | Hig | 0.57 | 8.8 | 0.02 | Jan 9, 2025 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701 Likelihood: Moderate – The binary does not seem… | ||
| CVE-2024-43649 | Hig | 0.57 | 8.8 | 0.02 | Jan 9, 2025 | Authenticated command injection in the filename of a .exe request leads to remote code execution as the root user. This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderate – This action is not a common place for command… | ||
| CVE-2024-43648 | Hig | 0.57 | 8.8 | 0.02 | Jan 9, 2025 | Command injection in the parameter of a .exe request leads to remote code execution as the root user. This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderate – This action is not a common place for command… | ||
| CVE-2024-28139 | — | Hig | 0.57 | 8.8 | 0.01 | Dec 11, 2024 | The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near… | |
| CVE-2024-11075 | Hig | 0.57 | 8.8 | 0.00 | Nov 19, 2024 | A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) a privilege escalation to the administrative level due to the usage of component vendor Docker images running with root permissions. Exploiting… | ||
| CVE-2024-8781 | Hig | 0.57 | — | 0.00 | Nov 18, 2024 | Execution with Unnecessary Privileges, : Improper Protection of Alternate Path vulnerability in TR7 Application Security Platform (ASP) allows Privilege Escalation, -Privilege Abuse. This issue affects Application Security Platform (ASP): v1.4.25.188. | ||
| CVE-2023-50015 | Hig | 0.57 | 8.8 | 0.00 | Mar 9, 2024 | An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token. | ||
| CVE-2018-8853 | Hig | 0.57 | 8.8 | 0.00 | May 4, 2018 | Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk application, user, or an attacker to potentially attain unauthorized elevated… |
- risk 0.57cvss 8.8epss 0.00
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected system includes a binary that is configured with the cap_dac_override capability. This capability allows the process to bypass file system permission checks, resulting in…
- risk 0.57cvss 9.9epss 0.00
CloudNativePG is a platform designed to manage PostgreSQL databases within Kubernetes environments. Prior to 1.29.1 and 1.28.3, the CloudNativePG metrics exporter opens its PostgreSQL connection as the postgres superuser via the pod-local Unix socket, then demotes the session…
- risk 0.57cvss 8.7epss 0.00
A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In appliance mode deployments, a successful exploit can allow the…
- risk 0.57cvss 8.7epss 0.00
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical…
- risk 0.57cvss 9.8epss 0.00
An issue was discovered in Mbed TLS versions from 2.19.0 up to 3.6.5, Mbed TLS 4.0.0. Insufficient protection of serialized SSL context or session structures allows an attacker who can modify the serialized structures to induce memory corruption, leading to arbitrary code…
- risk 0.57cvss 8.8epss 0.00
Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database. This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1.
- risk 0.57cvss 9.9epss 0.01
Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The…
- risk 0.57cvss —epss 0.01
The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS commands are improperly neutralized when certain fields are passed to the underlying OS.
- risk 0.57cvss —epss 0.01
The authenticated time setting capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS.
- risk 0.57cvss —epss 0.01
The authenticated firmware update capability of the firmware for Mennekes Smart / Premium Chargingpoints can be abused for command execution because OS command are improperly neutralized when certain fields are passed to the underlying OS.
- risk 0.57cvss 8.8epss 0.02
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Iocharger firmware for AC models allows OS Command Injection as root This issue affects all Iocharger AC EV charger models on a firmware version before 25010801. Likelihood:…
- risk 0.57cvss 8.8epss 0.02
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – The binary does not…
- risk 0.57cvss 8.8epss 0.02
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701 Likelihood: Moderate – The binary does not seem…
- risk 0.57cvss 8.8epss 0.02
Authenticated command injection in the filename of a .exe request leads to remote code execution as the root user. This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderate – This action is not a common place for command…
- risk 0.57cvss 8.8epss 0.02
Command injection in the parameter of a .exe request leads to remote code execution as the root user. This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderate – This action is not a common place for command…
- risk 0.57cvss 8.8epss 0.01
The www-data user can elevate its privileges because sudo is configured to allow the execution of the mount command as root without a password. Therefore, the privileges can be escalated to the root user. The risk has been accepted by the vendor and won't be fixed in the near…
- risk 0.57cvss 8.8epss 0.00
A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) a privilege escalation to the administrative level due to the usage of component vendor Docker images running with root permissions. Exploiting…
- risk 0.57cvss —epss 0.00
Execution with Unnecessary Privileges, : Improper Protection of Alternate Path vulnerability in TR7 Application Security Platform (ASP) allows Privilege Escalation, -Privilege Abuse. This issue affects Application Security Platform (ASP): v1.4.25.188.
- risk 0.57cvss 8.8epss 0.00
An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token.
- risk 0.57cvss 8.8epss 0.00
Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk application, user, or an attacker to potentially attain unauthorized elevated…