VYPR

CWE-276

Incorrect Default Permissions

Abstraction: Base · Status: Draft · Likelihood of exploit: Medium

Description

During installation, installed file permissions are set to allow anyone to modify those files.
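The two ways this weakness shows up in the entries below are an installed executable or data directory that anyone can write to, and a secret file that other local users can read. As an added example (not code from the CWE entry, from VYPR, or from any vendor named on this page), the following Python writes installed files with an explicit mode instead of trusting the process umask, then audits an install tree for both patterns. The function names `install_file`, `audit_permissions` and `demo`, the file names, and the file contents are constructed for illustration.

```python
"""Added example for CWE-276: install files with explicit modes, then audit a
tree for world-writable objects and secrets readable by other users."""
import os
import stat
import tempfile
from pathlib import Path


def install_file(dest: Path, data: bytes, mode: int) -> None:
    """Create dest with an explicit mode instead of trusting the umask.

    O_EXCL refuses to reuse a pre-existing file or symlink at dest, and the
    mode is re-applied with fchmod after creation because the umask may have
    cleared bits from the mode passed to os.open. An installer asking for
    0o600 therefore gets 0o600; one asking for 0o777 gets exactly that, which
    is the mistake the audit below is meant to catch.
    """
    fd = os.open(dest, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    try:
        os.fchmod(fd, mode)
        os.write(fd, data)
    finally:
        os.close(fd)


def audit_permissions(root: Path, secret_suffixes=(".key", ".private", ".pem")):
    """Walk root and return (relative path, mode, reason) tuples for findings.

    Flags anything world-writable (a sticky world-writable directory, as in
    /tmp, is tolerated) and any secret-looking file readable by group/others.
    """
    findings = []
    for path in sorted(root.rglob("*")):
        st = path.lstat()
        if stat.S_ISLNK(st.st_mode):
            continue  # symlink mode bits are meaningless; the target is audited itself
        mode = stat.S_IMODE(st.st_mode)
        rel = path.relative_to(root).as_posix()
        sticky_dir = stat.S_ISDIR(st.st_mode) and mode & stat.S_ISVTX
        if mode & stat.S_IWOTH and not sticky_dir:
            findings.append((rel, mode, "world-writable"))
        if (stat.S_ISREG(st.st_mode) and path.suffix in secret_suffixes
                and mode & (stat.S_IRGRP | stat.S_IROTH)):
            findings.append((rel, mode, "secret readable by group/others"))
    return findings


def demo() -> dict:
    """Build two constructed install trees in a temp dir and audit both.

    The "bad" tree reproduces the pattern of the first two CVEs listed on this
    page: an executable installed 0o777 and a shared-secret key file left at
    0o644. The "good" tree installs the same files with least-privilege modes.
    """
    with tempfile.TemporaryDirectory() as tmp:
        bad, good = Path(tmp, "bad"), Path(tmp, "good")
        for root in (bad, good):
            (root / "bin").mkdir(parents=True, mode=0o755)
            (root / "etc").mkdir(mode=0o755)
        payload = b"#!/bin/sh\necho player\n"          # constructed stand-in for a binary
        secret = b"constructed-hmac-key-not-a-real-secret\n"  # constructed, not a real key
        install_file(bad / "bin" / "player", payload, 0o777)
        install_file(bad / "etc" / "tsig.key", secret, 0o644)
        install_file(good / "bin" / "player", payload, 0o755)
        install_file(good / "etc" / "tsig.key", secret, 0o600)
        return {"bad": audit_permissions(bad), "good": audit_permissions(good)}


if __name__ == "__main__":
    for tree, found in demo().items():
        print(tree, found or "no findings")
```

Running `demo()` reports `bin/player` as world-writable and `etc/tsig.key` as readable by group/others in the "bad" tree and nothing in the "good" tree. The same `audit_permissions` walk can be pointed at a real install prefix after a package is laid down; on Windows the equivalent check is an ACL inspection for Everyone or Users holding Modify/Full Control on the program's data folder, which this Unix-mode example does not cover.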

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-127 · CAPEC-81

CVEs mapped to this weakness (474)

page 8 of 24
  • CVE-2002-1844 · High · Dec 31, 2002
    risk 0.51 · cvss 7.8 · epss 0.01

    Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges.

  • CVE-2001-0497 · High · Jul 21, 2001
    risk 0.51 · cvss 7.8 · epss 0.00

    dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.

  • CVE-2026-6819 · High · Apr 21, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders by default. Attackers who gain access through the channel layer can remotely manage plugin trust and…

  • CVE-2025-61035 · High · Oct 22, 2025
    risk 0.50 · cvss 7.7 · epss 0.00

    The seffaflik thru 0.0.9 is vulnerable to symlink attacks due to incorrect default permissions given to the .kimlik file and .seffaflik file, which is created with mode 0777 and 0775 respectively, exposing secrets to other local users. Additionally, the .kimlik file is written…

  • CVE-2025-53947 · High · Sep 18, 2025
    risk 0.50 · cvss 7.7 · epss 0.00

    A local attacker with low privileges on the Windows system where the software is installed can exploit this vulnerability to corrupt sensitive data. A data folder is created with very weak privileges, allowing any user logged into the Windows system to modify its content.

  • CVE-2024-52946 · High · Nov 18, 2024
    risk 0.50 · cvss 8.8 · epss 0.00

    An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication level if the admin configured an "Adaptative authentication rule" with an increment instead of an absolute value.

  • CVE-2024-36495 · High · Jun 24, 2024
    risk 0.50 · cvss 7.7 · epss 0.00

    The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file: C:\ProgramData\WINSelect\WINSelect.wsd The path for the affected WINSelect…

  • CVE-2024-27155 · High · Jun 14, 2024
    risk 0.50 · cvss 7.7 · epss 0.00

    The Toshiba printers are vulnerable to a Local Privilege Escalation vulnerability. An attacker can remotely compromise any Toshiba printer. The programs can be replaced by malicious programs by any local or remote attacker. As for the affected products/models/versions, see the…

  • CVE-2025-13025 · High · Nov 11, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 145 and Thunderbird 145.

  • CVE-2024-55950 · High · Dec 26, 2024
    risk 0.49 · cvss n/a · epss 0.00

    Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential security vulnerabilities. The application…

  • CVE-2024-49202 · High · Dec 18, 2024
    risk 0.49 · cvss 7.6 · epss 0.00

    Keyfactor Command before 12.5.0 has Incorrect Access Control: access tokens are over permissioned, aka 64099. The fixed versions are 11.5.1.1, 11.5.2.1, 11.5.3.1, 11.5.4.5, 11.5.6.1, 11.6.0, 12.2.0.1, 12.3.0.1, 12.4.0.1, 12.5.0, and 24.4.0.

  • CVE-2024-44786 · High · Nov 22, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address books via unspecified vectors.

  • CVE-2024-28058 · High · Nov 18, 2024
    risk 0.49 · cvss 7.5 · epss 0.00

    In RSA NetWitness (NW) Platform before 12.5.1, even when an administrator revokes the access of a specific user with an active session, an internal threat actor could impersonate the revoked user and gain unauthorized access to sensitive data.

  • CVE-2024-36063 · High · Nov 7, 2024
    risk 0.49 · cvss 7.5 · epss 0.00

    The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.goodwy.dialer.activities.DialerActivity component.

  • CVE-2023-23976 · High · Apr 24, 2024
    risk 0.49 · cvss 7.5 · epss 0.00

    Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects RegistrationMagic: from n/a through 5.1.9.2.

  • CVE-2023-5042 · High · Sep 20, 2023
    risk 0.49 · cvss 7.5 · epss 0.00

    Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575.

  • CVE-2018-8848 · High · Sep 26, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon installation, sets incorrect permissions for an object that exposes it to an unintended actor.

  • CVE-2017-4975 · High · Jun 13, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by the PCF Tile Generator create a running open security group that overrides security groups set by the operator.

  • CVE-2026-33590 · High · May 28, 2026
    risk 0.48 · cvss n/a · epss 0.00

    Insecure default settings of Portainer CE grant regular (non-admin) users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root…

  • CVE-2026-33572 · High · Mar 29, 2026
    risk 0.48 · cvss 8.4 · epss 0.00

    OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissions, allowing local users to read transcript contents. Attackers with local access can read transcript files to extract sensitive information including secrets from tool output.