VYPR

CWE-250

Execution with Unnecessary Privileges

BaseDraftLikelihood: Medium

Description

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-104 · CAPEC-470 · CAPEC-69

CVEs mapped to this weakness (139)

page 4 of 7
  • CVE-2022-38695HigSep 1, 2025
    risk 0.51cvss 7.8epss 0.00

    In BootRom, there's a possible unchecked command index. This could lead to local escalation of privilege with no additional execution privileges needed.

  • CVE-2022-38694HigSep 1, 2025
    risk 0.51cvss 7.8epss 0.01

    In BootRom, there is a possible unchecked write address. This could lead to local escalation of privilege with no additional execution privileges needed.

  • CVE-2022-38691HigSep 1, 2025
    risk 0.51cvss 7.8epss 0.00

    In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to local escalation of privilege with no additional execution privileges needed.

  • CVE-2025-3925HigMay 7, 2025
    risk 0.51cvss 7.8epss 0.00

    BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 or series 5 prior to v9.0.166 contain an execution with unnecessary privileges vulnerability, allowing for privilege escalation on the device once code execution has been obtained.

  • CVE-2024-12673HigFeb 12, 2025
    risk 0.51cvss 7.8epss 0.00

    An improper privilege vulnerability was reported in a BIOS customization feature of Lenovo Vantage on SMB notebook devices which could allow a local attacker to elevate privileges on the system. This vulnerability only affects Vantage installed on these devices: * Lenovo V…

  • CVE-2024-50590HigNov 8, 2024
    risk 0.51cvss 7.8epss 0.00

    Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is …

  • CVE-2024-3498HigJun 14, 2024
    risk 0.51cvss 7.8epss 0.00

    Attackers can then execute malicious files by enabling certain services of the printer via the web configuration page and elevate its privileges to root. As for the affected products/models/versions, see the reference URL.

  • CVE-2024-0073HigMar 27, 2024
    risk 0.51cvss 7.8epss 0.00

    NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer when the driver is performing an operation at a privilege level that is higher than the minimum level required. A successful exploit of this vulnerability may lead to code execution, denial…

  • CVE-2026-46617HigJun 10, 2026
    risk 0.50cvss epss 0.00

    Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher…

  • CVE-2026-41900HigMay 8, 2026
    risk 0.50cvss 8.8epss 0.01

    OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has…

  • CVE-2025-1977HigDec 31, 2025
    risk 0.50cvss epss 0.00

    The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC (Moxa CLI Configuration) tool. The issue…

  • CVE-2025-58365HigSep 8, 2025
    risk 0.50cvss epss 0.01

    The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Prior to version 9.14, the blog application in XWiki allowed remote code execution for any user who has edit right on any page. Normally, these are all logged-in users as they can edit…

  • CVE-2026-21882HigMar 2, 2026
    risk 0.48cvss 8.4epss 0.00

    theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via command re-execution. This issue has been patched in version 0.2.0.

  • CVE-2024-27147HigJun 14, 2024
    risk 0.48cvss 7.4epss 0.00

    The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. As for the affected products/models/versions, see the reference URL.

  • CVE-2024-22017HigMar 19, 2024
    risk 0.48cvss 7.3epss 0.01

    setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects all users…

  • CVE-2026-10843HigJun 4, 2026
    risk 0.47cvss 7.2epss 0.00

    A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential…

  • CVE-2026-42061HigJun 3, 2026
    risk 0.47cvss 7.3epss 0.00

    Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227.

  • CVE-2026-4667HigApr 15, 2026
    risk 0.47cvss epss 0.00

    HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability.

  • CVE-2025-23009HigApr 10, 2025
    risk 0.47cvss 7.2epss 0.00

    A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attacker to trigger an arbitrary file deletion.

  • CVE-2025-23008HigApr 10, 2025
    risk 0.47cvss 7.2epss 0.00

    An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations.