CWE-269
Improper Privilege Management
ClassDraftLikelihood: Medium
Description
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-122 · CAPEC-233 · CAPEC-58
CVEs mapped to this weakness (568)
page 15 of 29| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-4636 | Hig | 0.51 | 7.8 | 0.00 | May 30, 2025 | Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalate to the root user | |
| CVE-2025-31222 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2025 | A correctness issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6, tvOS 18.5, visionOS 2.5, watchOS 11.5. A user may be able to elevate privileges. | |
| CVE-2025-24258 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. An app may be able to gain root privileges. | |
| CVE-2025-25230 | Hig | 0.51 | 7.8 | 0.00 | Apr 16, 2025 | Omnissa Horizon Client for Windows contains an LPE Vulnerability. A malicious actor with local access where Horizon Client for Windows is installed may be able to elevate privileges. | |
| CVE-2025-22231 | Hig | 0.51 | 7.8 | 0.00 | Apr 1, 2025 | VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations. | |
| CVE-2025-0893 | Hig | 0.51 | 7.8 | 0.00 | Feb 19, 2025 | Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation vulnerability. | |
| CVE-2025-0327 | Hig | 0.51 | 7.8 | 0.00 | Feb 13, 2025 | CWE-269: Improper Privilege Management vulnerability exists for two services (of which one managing audit trail data and the other acting as server managing client request) that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when an attacker with standard privilege modifies the executable path of the windows services. To be exploited, services need to be restarted. | |
| CVE-2024-11467 | Hig | 0.51 | 7.8 | 0.00 | Feb 4, 2025 | Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to a logic flaw. Successful exploitation of this issue may allow attackers with user privileges to escalate their privileges to root on the system where the Horizon Client for macOS is installed. | |
| CVE-2025-0834 | Hig | 0.51 | 7.8 | 0.00 | Jan 30, 2025 | Privilege escalation vulnerability has been found in Wondershare Dr.Fone version 13.5.21. This vulnerability could allow an attacker to escalate privileges by replacing the binary ‘C:\ProgramData\Wondershare\wsServices\ElevationService.exe’ with a malicious binary. This binary will be executed by SYSTEM automatically. | |
| CVE-2024-53706 | Hig | 0.51 | 7.8 | 0.00 | Jan 9, 2025 | A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low-privileged attacker to elevate privileges to `root` and potentially lead to code execution. | |
| CVE-2024-12786 | Hig | 0.51 | 7.8 | 0.00 | Dec 19, 2024 | A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Downloader.helper of the component XPC Service. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. This product is not affiliated with the company Adobe. | |
| CVE-2024-52336 | Hig | 0.51 | 7.8 | 0.00 | Nov 26, 2024 | A script injection vulnerability was identified in the Tuned package. The `instance_create()` D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with `script_pre` or `script_post` options that permit arbitrary scripts with their absolute paths to be passed. These user or attacker-controlled executable scripts or programs could then be executed by Tuned with root privileges that could allow attackers to local privilege escalation. | |
| CVE-2024-8424 | Hig | 0.51 | 7.8 | 0.00 | Nov 8, 2024 | Improper Privilege Management vulnerability in WatchGuard EPDR, Panda AD360 and Panda Dome on Windows (PSANHost.exe module) allows arbitrary file delete with SYSTEM permissions. This issue affects EPDR: before 8.00.23.0000; Panda AD360: before 8.00.23.0000; Panda Dome: before 22.03.00. | |
| CVE-2024-9002 | Hig | 0.51 | 7.8 | 0.00 | Oct 11, 2024 | CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized access, loss of confidentiality, integrity, and availability of the workstation when non-admin authenticated user tries to perform privilege escalation by tampering with the binaries | |
| CVE-2024-40802 | Hig | 0.51 | 7.8 | 0.00 | Jul 29, 2024 | The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A local attacker may be able to elevate their privileges. | |
| CVE-2024-40781 | Hig | 0.51 | 7.8 | 0.00 | Jul 29, 2024 | The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. A local attacker may be able to elevate their privileges. | |
| CVE-2024-27826 | Hig | 0.51 | 7.8 | 0.00 | Jul 29, 2024 | The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.6, macOS Sonoma 14.5, macOS Ventura 13.6.8, tvOS 17.5, visionOS 1.3, watchOS 10.5. A local attacker may be able to cause unexpected system shutdown. | |
| CVE-2023-50700 | Hig | 0.51 | 7.8 | 0.00 | Jul 26, 2024 | Insecure Permissions vulnerability in Deepin dde-file-manager 6.0.54 and earlier allows privileged operations to be called by unprivileged users via the D-Bus method. | |
| CVE-2024-27811 | Hig | 0.51 | 7.8 | 0.00 | Jun 10, 2024 | The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to elevate privileges. | |
| CVE-2024-34332 | Hig | 0.51 | 7.8 | 0.00 | Jun 10, 2024 | An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API. |