CWE-276
Incorrect Default Permissions
BaseDraftLikelihood: Medium
Description
During installation, installed file permissions are set to allow anyone to modify those files.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-127 · CAPEC-81
CVEs mapped to this weakness (311)
page 7 of 16| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2002-1844 | Hig | 0.51 | 7.8 | 0.00 | Dec 31, 2002 | Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | |
| CVE-2001-0497 | Hig | 0.51 | 7.8 | 0.00 | Jul 21, 2001 | dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. | |
| CVE-2025-61035 | Hig | 0.50 | 7.7 | 0.00 | Oct 22, 2025 | The seffaflik thru 0.0.9 is vulnerable to symlink attacks due to incorrect default permissions given to the .kimlik file and .seffaflik file, which is created with mode 0777 and 0775 respectively, exposing secrets to other local users. Additionally, the .kimlik file is written without symlink checks, allowing local attackers to overwrite arbitrary files. This can result in information disclosure and denial of service. | |
| CVE-2025-53947 | Hig | 0.50 | 7.7 | 0.00 | Sep 18, 2025 | A local attacker with low privileges on the Windows system where the software is installed can exploit this vulnerability to corrupt sensitive data. A data folder is created with very weak privileges, allowing any user logged into the Windows system to modify its content. | |
| CVE-2024-52946 | Hig | 0.50 | 8.8 | 0.00 | Nov 18, 2024 | An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an increment instead of an absolute value. | |
| CVE-2024-36495 | Hig | 0.50 | 7.7 | 0.00 | Jun 24, 2024 | The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect Enterprise configuration file is: C:\ProgramData\Faronics\StorageSpace\WS\WINSelect.wsd | |
| CVE-2024-27155 | Hig | 0.50 | 7.7 | 0.00 | Jun 14, 2024 | The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the reference URL. | |
| CVE-2026-41712 | Hig | 0.49 | 7.5 | 0.00 | May 12, 2026 | Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users. | |
| CVE-2025-13025 | Hig | 0.49 | 7.5 | 0.00 | Nov 11, 2025 | Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145. | |
| CVE-2024-55950 | Hig | 0.49 | — | 0.00 | Dec 26, 2024 | Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application currently holds powerful permissions including camera, microphone access, and the ability to access personal folders (Downloads, Documents, etc.) through Apple Events, while also maintaining dangerous entitlements that enable code injection. The concerning entitlements are com.apple.security.cs.allow-dyld-environment-variables and com.apple.security.cs.disable-library-validation. Since Tabby's plugins and themes are NodeJS-based without native libraries or frameworks, and no environment variables are used in the codebase, it is recommended to review and remove at least one of the entitlements (com.apple.security.cs.disable-library-validation or com.apple.security.cs.allow-dyld-environment-variables) to prevent DYLD_INSERT_LIBRARIES injection while maintaining full application functionality. This vulnerability is fixed in 1.0.216. | |
| CVE-2024-49202 | Hig | 0.49 | 7.6 | 0.00 | Dec 18, 2024 | Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0. | |
| CVE-2024-44786 | Hig | 0.49 | 7.5 | 0.00 | Nov 22, 2024 | Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address books via unspecified vectors. | |
| CVE-2024-28058 | Hig | 0.49 | 7.5 | 0.00 | Nov 18, 2024 | In RSA NetWitness (NW) Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data. | |
| CVE-2024-36063 | Hig | 0.49 | 7.5 | 0.00 | Nov 7, 2024 | The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.goodwy.dialer.activities.DialerActivity component. | |
| CVE-2023-23976 | Hig | 0.49 | 7.5 | 0.00 | Apr 24, 2024 | Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9.2. | |
| CVE-2023-5042 | Hig | 0.49 | 7.5 | 0.00 | Sep 20, 2023 | Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. | |
| CVE-2017-4975 | Hig | 0.49 | 7.5 | 0.00 | Jun 13, 2017 | An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create a running open security group that overrides security groups set by the operator. | |
| CVE-2024-27171 | Hig | 0.48 | 7.4 | 0.02 | Jun 14, 2024 | A remote attacker using the insecure upload functionality will be able to overwrite any Python file and get Remote Code Execution. As for the affected products/models/versions, see the reference URL. | |
| CVE-2024-27167 | Hig | 0.48 | 7.4 | 0.00 | Jun 14, 2024 | Toshiba printers use Sendmail to send emails to recipients. Sendmail is used with several insecure directories. A local attacker can inject a malicious Sendmail configuration file. As for the affected products/models/versions, see the reference URL. | |
| CVE-2024-27166 | Hig | 0.48 | 7.4 | 0.00 | Jun 14, 2024 | Coredump binaries in Toshiba printers have incorrect permissions. A local attacker can steal confidential information. As for the affected products/models/versions, see the reference URL. |