CWE-250
Execution with Unnecessary Privileges
Description
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-104 · CAPEC-470 · CAPEC-69
CVEs mapped to this weakness (139)
Page 3 of 7

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-29205 | — | High | 0.56 | 8.6 | 0.07 | — | May 13, 2026 | Incorrect privileges management and insufficient path filtering allow reading arbitrary files on the server via the cpdavd attachment download endpoints. |
| CVE-2024-23299 | — | High | 0.56 | 8.6 | 0.00 | — | Jun 10, 2024 | The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to break out of its sandbox. |
| CVE-2025-12694 | — | High | 0.55 | — | 0.00 | — | Jun 4, 2026 | A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior. |
| CVE-2026-8370 | — | High | 0.55 | — | 0.00 | — | May 19, 2026 | Execution with unnecessary privileges vulnerability in Broadcom Automic Automation Agent Unix on Linux x64, Linux Power 64 BE, Linux Power 64 LE, zLinux (zSeries), AIX, Solaris x64, Solaris Sparc 64 allows Privilege Escalation, Target Programs with Elevated Privileges. This… |
| CVE-2026-42088 | — | Critical | 0.55 | 9.6 | 0.00 | — | May 4, 2026 | OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3, the Script Runner widget allows users to execute Python and Ruby scripts directly from the openc3-COSMOS-script-runner-api… |
| CVE-2025-34290 | — | High | 0.55 | — | 0.00 | — | Dec 20, 2025 | Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations… |
| CVE-2025-14096 | — | High | 0.55 | 8.4 | 0.00 | — | Dec 17, 2025 | A vulnerability exists in multiple Radiometer products that allows an attacker with physical access to the analyzer to extract credential information. The vulnerability is due to a weakness in the design and insufficient credential protection in the operating system. … |
| CVE-2025-50753 | — | High | 0.55 | 8.4 | 0.00 | — | Aug 26, 2025 | Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell. The command "deviceinfo show file" is supposed to be used from the restricted shell to show files and directories. By providing " /bin/sh" (quotes included) to the argument of this… |
| CVE-2024-27110 | — | High | 0.55 | 8.4 | 0.00 | — | May 14, 2024 | Elevation of privilege vulnerability in GE HealthCare EchoPAC products. |
| CVE-2024-21924 | — | High | 0.53 | 8.2 | 0.00 | — | Feb 11, 2025 | SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution. |
| CVE-2025-23181 | — | High | 0.52 | 8.0 | 0.00 | — | Apr 29, 2025 | CWE-250: Execution with Unnecessary Privileges |
| CVE-2025-23180 | — | High | 0.52 | 8.0 | 0.00 | — | Apr 29, 2025 | CWE-250: Execution with Unnecessary Privileges |
| CVE-2024-7387 | — | Critical | 0.52 | 9.1 | 0.02 | — | Sep 17, 2024 | A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the "Docker" strategy, executable files inside the… |
| CVE-2018-1087 | — | High | 0.52 | 8.0 | 0.01 | — | May 15, 2018 | kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions.… |
| CVE-2026-3623 | — | High | 0.51 | 7.8 | 0.00 | — | May 27, 2026 | IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low-privileged access to escalate their privileges to root. By exploiting this flaw, the attacker can execute root-level commands, obtain a root shell, and change the root… |
| CVE-2026-33793 | — | High | 0.51 | 7.8 | 0.00 | — | Apr 9, 2026 | An Execution with Unnecessary Privileges vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python… |
| CVE-2025-12690 | — | High | 0.51 | 7.8 | 0.00 | — | Mar 11, 2026 | Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation. This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10. |
| CVE-2026-3315 | — | High | 0.51 | 7.8 | 0.00 | — | Mar 10, 2026 | Incorrect Default Permissions, Execution with Unnecessary Privileges, and Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation. This issue affects Visionline: from 1.0 before 1.33. |
| CVE-2026-0870 | — | High | 0.51 | 7.8 | 0.00 | — | Feb 9, 2026 | MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, authenticated local attackers can execute arbitrary code with SYSTEM privileges. |
| CVE-2025-50505 | — | High | 0.51 | 7.8 | 0.00 | — | Oct 7, 2025 | Clash Verge Rev through 2.2.3 (fixed in 2.3.0) forces the installation of system services (clash-verge-service) by default and exposes key functions through the unauthorized HTTP API `/start_clash`, allowing local users to submit arbitrary bin_path parameters and pass them directly… |