CWE-270
Privilege Context Switching Error
Base · Draft
Description
The product does not properly manage privileges while it is switching between different contexts that have different privileges or spheres of control.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-17 · CAPEC-30 · CAPEC-35
CVEs mapped to this weakness (8)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-9408 | High | 0.53 | 8.1 | 0.00 | | Nov 11, 2025 | System call entry on Cortex M (and possibly R and A, but I think not) has a race which allows very practical privilege escalation for malicious userspace processes. |
| CVE-2024-46975 | High | 0.51 | 7.9 | 0.00 | | Feb 22, 2025 | Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data into another Guest's virtualised GPU memory. |
| CVE-2026-34853 | High | 0.50 | 7.7 | 0.00 | | Apr 13, 2026 | Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2025-26499 | Medium | 0.39 | 6.0 | 0.00 | | Sep 11, 2025 | Under heavy system utilization a random race condition can occur during authentication or token refresh operation. This flaw allows one user to be granted a token intended for another user, resulting in impersonation until the session is ended. This flaw cannot be intentionally exploited due to the required concurring action by two users. However, if the event occurs a user would be inadvertently exposed to another user's system rights and data access. |
| CVE-2025-46406 | Medium | 0.36 | 5.6 | 0.00 | | Jul 10, 2025 | A Privilege Context Switching Error (CWE-270) in the Command Centre Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 (MR1), 9.20 prior to 9.20.2337 (MR3), 9.10 prior to 9.10.3194 (MR6), 9.00 prior to 9.00.3371 (MR7), all versions of 8.90 and prior. |
| CVE-2024-47173 | Medium | 0.29 | 5.5 | 0.00 | | Oct 24, 2024 | Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service attack. Version 2024.07.2 fixes the issue. |
| CVE-2024-37294 | Medium | 0.29 | 5.5 | 0.00 | | Jun 11, 2024 | Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to receive a patch. |
| CVE-2024-51987 | Medium | 0.28 | 5.4 | 0.00 | | Nov 8, 2024 | Duende.AccessTokenManagement.OpenIdConnect is a set of .NET libraries that manage OAuth and OpenId Connect access tokens. HTTP Clients created by `AddUserAccessTokenHttpClient` may use a different user's access token after a token refresh occurs. This occurs because a refreshed token will be captured in pooled `HttpClient` instances, which may be used by a different user. Instead of using `AddUserAccessTokenHttpClient` to create an `HttpClient` that automatically adds a managed token to outgoing requests, you can use the `HttpContext.GetUserAccessTokenAsync` extension method or the `IUserTokenManagementService.GetAccessTokenAsync` method. This issue is fixed in Duende.AccessTokenManagement.OpenIdConnect 3.0.1. All users are advised to upgrade. There are no known workarounds for this vulnerability. |