CWE-250
Execution with Unnecessary Privileges
Description
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-104 · CAPEC-470 · CAPEC-69
CVEs mapped to this weakness (139)
page 5 of 7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-25710 | — | Hig | 0.46 | — | 0.00 | May 13, 2026 | The new upstream added a privileged D-Bus helper called plasmaloginauthhelper, which suffers from multiple issues, e.g.aA compromised plasmalogin service account can chown() arbitrary files in the system. | |
| CVE-2025-8907 | — | Hig | 0.46 | 7.0 | 0.00 | Aug 13, 2025 | A vulnerability was found in H3C M2 NAS V100R006. Affected by this vulnerability is an unknown functionality of the component Webserver Configuration. The manipulation leads to execution with unnecessary privileges. An attack has to be approached locally. The complexity of an… | |
| CVE-2025-6019 | Hig | 0.46 | 7.0 | 0.00 | Jun 19, 2025 | A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an… | ||
| CVE-2024-13090 | — | Hig | 0.46 | 7.0 | 0.00 | Jun 10, 2025 | A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as… | |
| CVE-2024-52799 | Hig | 0.46 | 8.2 | 0.00 | Nov 21, 2024 | Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which will allow kubectl exec into any Pod in the same namespace, i.e. arbitrary code… | ||
| CVE-2026-40550 | Med | 0.45 | — | 0.00 | Apr 28, 2026 | mpGabinet is vulnerable to Privilege Escalation due to excessive database privileges assigned to the user used by the application. An attacker with access to any running application instance connected to the backend server can extract database credentials from the… | ||
| CVE-2026-40638 | Med | 0.44 | 6.7 | 0.00 | May 12, 2026 | Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges. | ||
| CVE-2026-25908 | Med | 0.44 | 6.7 | 0.00 | Apr 27, 2026 | Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||
| CVE-2025-37128 | Med | 0.44 | 6.8 | 0.00 | Sep 16, 2025 | A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an… | ||
| CVE-2025-3364 | Med | 0.44 | 6.7 | 0.00 | Apr 8, 2025 | The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system. | ||
| CVE-2024-27146 | — | Med | 0.44 | 6.7 | 0.00 | Jun 14, 2024 | The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL. | |
| CVE-2026-4498 | Hig | 0.43 | 7.7 | 0.00 | Apr 8, 2026 | Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). This requires an authenticated Kibana user with Fleet sub-feature privileges… | ||
| CVE-2025-13911 | Med | 0.42 | 6.4 | 0.00 | Dec 18, 2025 | The vulnerability affects Ignition SCADA applications where Python scripting is utilized for automation purposes. The vulnerability arises from the absence of proper security controls that restrict which Python libraries can be imported and executed within the scripting… | ||
| CVE-2025-9055 | Med | 0.42 | 6.4 | 0.00 | Nov 11, 2025 | The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account. | ||
| CVE-2025-24331 | Med | 0.42 | 6.4 | 0.00 | Jul 2, 2025 | The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive… | ||
| CVE-2025-0921 | Med | 0.42 | 6.5 | 0.00 | May 15, 2025 | Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper… | ||
| CVE-2024-51722 | Med | 0.42 | 6.4 | 0.00 | Nov 12, 2024 | A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to… | ||
| CVE-2018-10872 | Med | 0.42 | 6.5 | 0.00 | Jul 10, 2018 | A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction… | ||
| CVE-2024-28140 | Med | 0.40 | 6.1 | 0.00 | Dec 11, 2024 | The scanner device boots into a kiosk mode by default and opens the Scan2Net interface in a browser window. This browser is run with the permissions of the root user. There are also several other applications running as root user. This can be confirmed by running "ps aux" as… | ||
| CVE-2026-46618 | Med | 0.38 | — | 0.00 | Jun 10, 2026 | Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into… |
- risk 0.46cvss —epss 0.00
The new upstream added a privileged D-Bus helper called plasmaloginauthhelper, which suffers from multiple issues, e.g.aA compromised plasmalogin service account can chown() arbitrary files in the system.
- risk 0.46cvss 7.0epss 0.00
A vulnerability was found in H3C M2 NAS V100R006. Affected by this vulnerability is an unknown functionality of the component Webserver Configuration. The manipulation leads to execution with unnecessary privileges. An attack has to be approached locally. The complexity of an…
- risk 0.46cvss 7.0epss 0.00
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an…
- risk 0.46cvss 7.0epss 0.00
A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permissive, potentially allowing administrative access if a malicious actor could execute arbitrary commands as…
- risk 0.46cvss 8.2epss 0.00
Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which will allow kubectl exec into any Pod in the same namespace, i.e. arbitrary code…
- risk 0.45cvss —epss 0.00
mpGabinet is vulnerable to Privilege Escalation due to excessive database privileges assigned to the user used by the application. An attacker with access to any running application instance connected to the backend server can extract database credentials from the…
- risk 0.44cvss 6.7epss 0.00
Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
- risk 0.44cvss 6.7epss 0.00
Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.
- risk 0.44cvss 6.8epss 0.00
A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to terminate arbitrary running processes. Successful exploitation could allow an attacker to disrupt system operations, potentially resulting in an…
- risk 0.44cvss 6.7epss 0.00
The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system.
- risk 0.44cvss 6.7epss 0.00
The Toshiba printers do not implement privileges separation. As for the affected products/models/versions, see the reference URL.
- risk 0.43cvss 7.7epss 0.00
Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). This requires an authenticated Kibana user with Fleet sub-feature privileges…
- risk 0.42cvss 6.4epss 0.00
The vulnerability affects Ignition SCADA applications where Python scripting is utilized for automation purposes. The vulnerability arises from the absence of proper security controls that restrict which Python libraries can be imported and executed within the scripting…
- risk 0.42cvss 6.4epss 0.00
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account.
- risk 0.42cvss 6.4epss 0.00
The Single RAN baseband OAM service is intended to run as an unprivileged service. However, it initially starts with root privileges and assigns certain capabilities before dropping to an unprivileged level. The capabilities retained from the root period are considered extensive…
- risk 0.42cvss 6.5epss 0.00
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.97.3 and prior, Mitsubishi Electric Hyper…
- risk 0.42cvss 6.4epss 0.00
A local privilege escalation vulnerability in the SecuSUITE Server (System Configuration) of SecuSUITE versions 5.0.420 and earlier could allow a successful attacker that had gained control of code running under one of the system accounts listed in the configuration file to…
- risk 0.42cvss 6.5epss 0.00
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction…
- risk 0.40cvss 6.1epss 0.00
The scanner device boots into a kiosk mode by default and opens the Scan2Net interface in a browser window. This browser is run with the permissions of the root user. There are also several other applications running as root user. This can be confirmed by running "ps aux" as…
- risk 0.38cvss —epss 0.00
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security sweep, pkg/builder/builder.go passed Environment.spec.builder.command directly into…