VYPR

CWE-276

Incorrect Default Permissions

Base · Draft · Likelihood: Medium

Description

During installation, installed file permissions are set to allow anyone to modify those files.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-127 · CAPEC-81

CVEs mapped to this weakness (474)

page 13 of 24
  • CVE-2025-58713 · Medium · Apr 8, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-57854 · Medium · Apr 8, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain OpenShift Update Service (OSUS) images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-57853 · Medium · Apr 8, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain Web Terminal images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,…

  • CVE-2025-57851 · Medium · Apr 8, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-57847 · Medium · Apr 8, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain Ansible Automation Platform images. This issue arises from the /etc/passwd file being created with group-writable permissions during the build process. In certain conditions, an attacker who can execute commands within…

  • CVE-2025-8766 · Medium · Mar 13, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-57849 · Medium · Mar 13, 2026
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain Fuse images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a…

  • CVE-2025-57850 · Medium · Dec 2, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected…

  • CVE-2025-43507 · Medium · Nov 4, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    A privacy issue was addressed by moving sensitive data. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to fingerprint the user.

  • CVE-2025-57848 · Medium · Oct 23, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain Container-native Virtualization images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an…

  • CVE-2025-58712 · Medium · Oct 22, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,…

  • CVE-2025-57852 · Medium · Sep 30, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    A container privilege escalation flaw was found in KServe ModelMesh container images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected…

  • CVE-2025-7195 · Medium · Aug 7, 2025
    risk 0.42 · cvss 6.4 · epss 0.00

    Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time.…

  • CVE-2025-41665 · Medium · Jul 8, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    A low-privileged remote attacker can enforce the watchdog of the affected devices to reboot the PLC due to incorrect default permissions of a config file.

  • CVE-2024-54564 · Medium · Mar 21, 2025
    risk 0.42 · cvss 6.5 · epss 0.00

    This issue was addressed through improved state management. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, visionOS 1.3. A file received from AirDrop may not have the quarantine flag applied.

  • CVE-2024-48293 · Medium · Nov 18, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated attackers with low-level privileges to arbitrarily modify antivirus settings.

  • CVE-2024-52926 · Medium · Nov 18, 2024
    risk 0.42 · cvss 6.5 · epss 0.00

    Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent.

  • CVE-2024-34455 · High · May 3, 2024
    risk 0.42 · cvss 7.5 · epss 0.01

    Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. A fix was released in 2024.02.2.

  • CVE-2017-0369 · Medium · Apr 13, 2018
    risk 0.42 · cvss 6.5 · epss 0.01

    MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing a sysop to undelete pages, although the page is protected against it.

  • CVE-2025-2782 · Medium · Mar 28, 2025
    risk 0.41 · cvss · epss 0.00

    The WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects Terminal…