VYPR

CWE-276

Incorrect Default Permissions

BaseDraftLikelihood: Medium

Description

During installation, installed file permissions are set to allow anyone to modify those files.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-127 · CAPEC-81

CVEs mapped to this weakness (474)

page 14 of 24
  • CVE-2025-2781MedMar 28, 2025
    risk 0.41cvss epss 0.00

    The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system. This issue affects…

  • CVE-2024-6640MedAug 12, 2024
    risk 0.41cvss 6.3epss 0.00

    In ICMPv6 Neighbor Discovery (ND), the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation (NS) can trigger an Echo Reply. The packet has to come from the same host as the NS and have a…

  • CVE-2016-20029MedMar 16, 2026
    risk 0.40cvss 6.2epss 0.00

    ZKTeco ZKBioSecurity 3.0 contains a file path manipulation vulnerability that allows attackers to access arbitrary files by modifying file paths used to retrieve local resources. Attackers can manipulate path parameters to bypass access controls and retrieve sensitive…

  • CVE-2020-37160MedFeb 7, 2026
    risk 0.40cvss 6.2epss 0.00

    SprintWork 2.3.1 contains multiple local privilege escalation vulnerabilities through insecure file, service, and folder permissions on Windows systems. Local unprivileged users can exploit missing executable files and weak service configurations to create a new administrative…

  • CVE-2025-46185MedOct 24, 2025
    risk 0.40cvss 6.2epss 0.00

    An Insecure Permission vulnerability in pgcodekeeper 10.12.0 allows a local attacker to obtain sensitive information via the plaintext storage of passwords and usernames.

  • CVE-2025-49144HigJun 23, 2025
    risk 0.40cvss 7.3epss 0.00

    Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker…

  • CVE-2024-54131HigDec 3, 2024
    risk 0.40cvss epss 0.00

    The Kolide Agent (aka: Launcher) is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent (known as `launcher`) allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version…

  • CVE-2023-38294MedApr 22, 2024
    risk 0.40cvss 6.1epss 0.00

    Certain software builds for the Itel Vision 3 Turbo Android device contain a vulnerable pre-installed app with a package name of com.transsion.autotest.factory (versionCode='7', versionName='1.8.0(220310_1027)') that allows local third-party apps to execute arbitrary shell…

  • CVE-2025-53945HigJul 18, 2025
    risk 0.39cvss 7.0epss 0.00

    apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the…

  • CVE-2023-45896HigAug 28, 2024
    risk 0.39cvss 7.1epss 0.00

    ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an…

  • CVE-2024-4030HigMay 7, 2024
    risk 0.39cvss 7.1epss 0.00

    On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users…

  • CVE-2024-23847MedMay 31, 2024
    risk 0.38cvss 5.9epss 0.00

    Incorrect default permissions issue exists in Unifier and Unifier Cast. If this vulnerability is exploited, arbitrary code may be executed with LocalSystem privilege. As a result, a malicious program may be installed, data may be altered or deleted.

  • CVE-2017-5622MedMar 26, 2017
    risk 0.38cvss 5.9epss 0.00

    With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further…

  • CVE-2026-11931MedJun 15, 2026
    risk 0.36cvss 5.5epss 0.00

    Incorrect default permissions in Kiro IDE on macOS and Linux before version 0.11.133 could expose the authentication token cache file to other local users or processes via world-readable permissions (0644) instead of owner-restricted permissions (0600). To remediate this…

  • CVE-2026-21015MedMay 13, 2026
    risk 0.36cvss 5.5epss 0.00

    Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier.

  • CVE-2026-21013MedApr 13, 2026
    risk 0.36cvss 5.5epss 0.00

    Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information.

  • CVE-2026-28267MedMar 10, 2026
    risk 0.36cvss 5.5epss 0.00

    Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user.

  • CVE-2025-43519MedDec 12, 2025
    risk 0.36cvss 5.5epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.

  • CVE-2025-13193MedNov 17, 2025
    risk 0.36cvss 5.5epss 0.00

    A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability.

  • CVE-2025-41658MedAug 4, 2025
    risk 0.36cvss 5.5epss 0.00

    CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions.