CWE-276
Incorrect Default Permissions
Description
During installation, installed file permissions are set to allow anyone to modify those files.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-127 · CAPEC-81
CVEs mapped to this weakness (474)
page 10 of 24| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-32368 | Hig | 0.47 | 7.3 | 0.00 | Apr 22, 2024 | Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version 3.0 allows a local attacker to cause a denial of service via the Bluetooth Low Energy (BLE) component. | ||
| CVE-2026-47107 | Hig | 0.46 | 8.1 | 0.00 | May 19, 2026 | Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and… | ||
| CVE-2025-48512 | Hig | 0.46 | — | 0.00 | May 15, 2026 | Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution. | ||
| CVE-2026-6823 | Hig | 0.46 | 8.2 | 0.00 | Apr 21, 2026 | HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access… | ||
| CVE-2025-13905 | — | Hig | 0.46 | — | 0.00 | Jan 29, 2026 | CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart. | |
| CVE-2025-61667 | Hig | 0.46 | — | 0.00 | Nov 12, 2025 | The Datadog Agent collects events and metrics from hosts and sends them to Datadog. A vulnerability within the Datadog Linux Host Agent versions 7.65.0 through 7.70.2 exists due to insufficient permissions being set on the `opt/datadog-agent/python-scripts/__pycache__` directory… | ||
| CVE-2025-49006 | Hig | 0.46 | — | 0.00 | Jun 9, 2025 | Wasp (Web Application Specification) is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation (affecting only Keycloak with a specific config). Wasp currently lowercases… | ||
| CVE-2025-24176 | Hig | 0.46 | 7.1 | 0.00 | Jan 27, 2025 | A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A local attacker may be able to elevate their privileges. | ||
| CVE-2024-52867 | Hig | 0.46 | 8.1 | 0.00 | Nov 17, 2024 | guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability can be remediated within the product via certain… | ||
| CVE-2024-49504 | Hig | 0.46 | — | 0.00 | Nov 13, 2024 | grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. | ||
| CVE-2024-40805 | Hig | 0.46 | 7.1 | 0.00 | Jul 29, 2024 | A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences. | ||
| CVE-2023-38291 | Hig | 0.46 | 7.1 | 0.00 | Apr 22, 2024 | An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC… | ||
| CVE-2018-14335 | — | Med | 0.46 | 6.5 | 0.13 | Jul 24, 2018 | An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file. | |
| CVE-2017-12699 | Hig | 0.46 | 7.1 | 0.00 | Sep 9, 2017 | An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be able to replace or modify original application files with malicious ones. | ||
| CVE-2017-1382 | Hig | 0.46 | 7.1 | 0.00 | Jul 24, 2017 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. A local attacker could exploit this to gain access to files with an unknown impact. IBM X-Force… | ||
| CVE-2025-48516 | Med | 0.45 | — | 0.00 | May 15, 2026 | Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module. | ||
| CVE-2025-62661 | Med | 0.45 | — | 0.00 | Oct 21, 2025 | Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki - Thanks Extension, Mediawiki - Growth… | ||
| CVE-2025-62668 | Med | 0.45 | — | 0.00 | Oct 18, 2025 | Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Resource Leak Exposure.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39. | ||
| CVE-2024-12564 | Med | 0.45 | — | 0.01 | Dec 12, 2024 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to… | ||
| CVE-2026-50255 | Med | 0.44 | 6.7 | 0.00 | Jun 16, 2026 | Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges. |
- risk 0.47cvss 7.3epss 0.00
Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version 3.0 allows a local attacker to cause a denial of service via the Bluetooth Low Energy (BLE) component.
- risk 0.46cvss 8.1epss 0.00
Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing authenticated users to write arbitrary entries to /etc/hosts, /etc/resolv.conf, and…
- risk 0.46cvss —epss 0.00
Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller (GPIO) could allow an attacker to achieve privilege escalation resulting in arbitrary code execution.
- risk 0.46cvss 8.2epss 0.00
HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access…
- risk 0.46cvss —epss 0.00
CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart.
- risk 0.46cvss —epss 0.00
The Datadog Agent collects events and metrics from hosts and sends them to Datadog. A vulnerability within the Datadog Linux Host Agent versions 7.65.0 through 7.70.2 exists due to insufficient permissions being set on the `opt/datadog-agent/python-scripts/__pycache__` directory…
- risk 0.46cvss —epss 0.00
Wasp (Web Application Specification) is a Rails-like framework for React, Node.js, and Prisma. Prior to version 0.16.6, Wasp authentication has a vulnerability in the OAuth authentication implementation (affecting only Keycloak with a specific config). Wasp currently lowercases…
- risk 0.46cvss 7.1epss 0.00
A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A local attacker may be able to elevate their privileges.
- risk 0.46cvss 8.1epss 0.00
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns (e.g., for setuid and setgid programs) are properly addressed. The vulnerability can be remediated within the product via certain…
- risk 0.46cvss —epss 0.00
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
- risk 0.46cvss 7.1epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, watchOS 10.6. An app may be able to bypass Privacy preferences.
- risk 0.46cvss 7.1epss 0.00
An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC…
- risk 0.46cvss 6.5epss 0.13
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
- risk 0.46cvss 7.1epss 0.00
An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17.1. Local, non-administrative users may be able to replace or modify original application files with malicious ones.
- risk 0.46cvss 7.1epss 0.00
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. A local attacker could exploit this to gain access to files with an unknown impact. IBM X-Force…
- risk 0.45cvss —epss 0.00
Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module.
- risk 0.45cvss —epss 0.00
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - Thanks Extension, Mediawiki - Growth Experiments Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mediawiki - Thanks Extension, Mediawiki - Growth…
- risk 0.45cvss —epss 0.00
Incorrect Default Permissions vulnerability in The Wikimedia Foundation Mediawiki - GrowthExperiments Extension allows Resource Leak Exposure.This issue affects Mediawiki - GrowthExperiments Extension: from master before 1.39.
- risk 0.45cvss —epss 0.01
Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to…
- risk 0.44cvss 6.7epss 0.00
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges.