CWE-648
Incorrect Use of Privileged APIs
Description
The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly. In practice the weakness takes two recurring shapes: a privileged call made with the wrong arguments, in the wrong order, or with its failure ignored (the classic case is a privilege drop whose return value is never checked), and a privileged operation reached through an API that does not re-check the caller's own authorization, so a lower-privileged caller inherits the privilege of the component that performs the call. Most of the CVEs mapped below are of the second kind: scope, role or context checks that mint, approve or inherit more privilege than the caller actually holds. When reviewing code against this weakness, look for every place a privileged API is invoked and confirm that the privilege it runs with is derived from what the server granted the caller, never from what the caller requested or from a synthesised default.
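The following is an added example, not code from CWE-648 or from any product in the CVE table on this page. It models the scope-escalation shape that several of the mapped entries describe (a gateway turning a caller's request for runtime scopes into a privileged runtime context, a pairing approver conferring scopes, and a fallback path that synthesises an admin scope) and places each vulnerable step beside its hardened form. All names (Principal, mint_runtime_scopes, approve_pairing, delete_session, the scope strings) are hypothetical; no real framework's API is used.

```python
"""Added example, not code from CWE-648 or from any product in the table above.

Models the scope-escalation shape several mapped CVEs describe: a gateway turns a
caller's *request* for runtime scopes into a privileged runtime context. Every
name here (Principal, mint_runtime_scopes, approve_pairing, delete_session) is
hypothetical; no real framework's API is used."""
from dataclasses import dataclass

ADMIN = "operator.admin"
PAIRING = "operator.pairing"


@dataclass(frozen=True)
class Principal:
    """An authenticated caller and the scopes the server itself granted it."""
    name: str
    granted: frozenset


class ScopeViolation(PermissionError):
    """Raised when a privileged step would run with scopes the caller lacks."""


# --- Vulnerable patterns: the privileged step is driven by caller input ------

def mint_runtime_scopes_vulnerable(caller, requested):
    # Whatever the caller asks for becomes its runtime scope; a non-admin
    # operator that reconnects asking for operator.admin simply gets it.
    return frozenset(requested)


def delete_session_vulnerable(client, session_id, sessions):
    # Fallback path: no request-scoped client, so an admin scope is synthesised.
    # Every code path that reaches here without a client now runs as admin.
    scopes = client.granted if client is not None else frozenset({ADMIN})
    if ADMIN in scopes or f"session:{session_id}" in scopes:
        sessions.discard(session_id)
        return True
    return False


# --- Hardened patterns: a privileged step never carries unheld scopes --------

def mint_runtime_scopes(caller, requested):
    """Runtime scopes are capped at what the server granted the caller."""
    requested = frozenset(requested)
    excess = requested - caller.granted
    if excess:
        raise ScopeViolation(
            f"{caller.name} requested scopes it was never granted: {sorted(excess)}")
    return requested


def approve_pairing(approver, pending_scopes):
    """An approver can confer at most the scopes it holds itself."""
    if PAIRING not in approver.granted:
        raise ScopeViolation(f"{approver.name} is not a pairing approver")
    pending_scopes = frozenset(pending_scopes)
    excess = pending_scopes - approver.granted
    if excess:
        raise ScopeViolation(
            f"{approver.name} cannot approve scopes it does not hold: {sorted(excess)}")
    return pending_scopes


def delete_session(client, session_id, sessions):
    """Without a request-scoped client there is no privilege to act with."""
    if client is None:
        raise ScopeViolation("session deletion needs a request-scoped client")
    if ADMIN not in client.granted and f"session:{session_id}" not in client.granted:
        raise ScopeViolation(f"{client.name} may not delete {session_id}")
    sessions.discard(session_id)
    return True


def attempt(fn, *args):
    """Run a privileged step; return its result, or None if the check refused it."""
    try:
        return fn(*args)
    except ScopeViolation:
        return None


if __name__ == "__main__":
    # Constructed scenario: a read-only operator tries to reconnect as admin.
    operator = Principal("op-1", frozenset({"operator.read"}))
    print("vulnerable:", attempt(mint_runtime_scopes_vulnerable, operator, {ADMIN}))
    print("hardened:  ", attempt(mint_runtime_scopes, operator, {ADMIN}))
```

The design point is that every hardened function computes the privilege it will act with from `caller.granted`, which the server populated at authentication time, and treats the request as an upper bound to be intersected with that, never as the source of truth. The fallback path is handled by refusing rather than by inventing a context: if a background operation genuinely needs admin rights, it should be given an explicit, audited service principal rather than a synthesised one that any caller can reach.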
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-107 (Cross Site Tracing) · CAPEC-234 (Hijacking a Privileged Process)
CVEs mapped to this weakness (31)
Page 1 of 2 (20 of 31 shown). Sev and CVSS are the listed base severity and score; EPSS is FIRST's estimated probability of exploitation in the next 30 days; KEV marks entries in CISA's Known Exploited Vulnerabilities catalog; Risk is a site-specific score used to order the list. A dash means the field is not provided.

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4972 | — | Critical | 0.64 | 9.8 | 0.01 | | Sep 14, 2023 | Incorrect Use of Privileged APIs vulnerability in Yepas Digital Yepas allows Collect Data as Provided by Users. This issue affects Digital Yepas: before 1.0.1. |
| CVE-2026-41225 | — | Critical | 0.59 | 9.1 | 0.00 | | May 13, 2026 | A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not… |
| CVE-2025-2311 | — | Critical | 0.59 | 9.0 | 0.00 | | Mar 20, 2025 | Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information… |
| CVE-2024-37018 | — | Critical | 0.59 | 9.1 | 0.00 | | May 31, 2024 | The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets. |
| CVE-2026-41329 | — | Critical | 0.57 | 9.9 | 0.00 | | Apr 21, 2026 | OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can exploit improper context validation to bypass sandbox restrictions and achieve… |
| CVE-2025-5997 | — | High | 0.57 | 8.8 | 0.00 | | Jul 28, 2025 | Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse. This issue affects PhishPro: before 7.5.4.2. |
| CVE-2025-7344 | — | High | 0.57 | 8.8 | 0.01 | | Jul 21, 2025 | The EAI developed by Digiwin has a Privilege Escalation vulnerability, allowing remote attackers with regular privileges to elevate their privileges to administrator level via a specific API. |
| CVE-2022-26323 | — | High | 0.57 | — | 0.00 | | Apr 17, 2025 | Incorrect Use of Privileged APIs vulnerability in OpenText™ Operations Bridge Manager, OpenText™ Operations Bridge Suite (Containerized), OpenText™ UCMDB (Classic and Containerized) allows Privilege Escalation. The vulnerability could allow authenticated attackers to… |
| CVE-2026-41386 | — | Critical | 0.52 | 9.1 | 0.00 | | Apr 28, 2026 | OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and… |
| CVE-2026-9560 | — | High | 0.51 | 7.8 | 0.01 | | May 26, 2026 | Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel. |
| CVE-2024-32008 | — | High | 0.51 | 7.8 | 0.00 | | Nov 11, 2025 | A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as… |
| CVE-2026-35669 | — | High | 0.50 | 8.8 | 0.00 | | Apr 10, 2026 | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted scopes. Attackers can exploit this scope boundary bypass to gain elevated… |
| CVE-2026-35663 | — | High | 0.50 | 8.8 | 0.00 | | Apr 10, 2026 | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements to reconnect as operator.admin, gaining unauthorized administrative privileges. |
| CVE-2026-35639 | — | High | 0.50 | 8.8 | 0.00 | | Apr 9, 2026 | OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient… |
| CVE-2023-4993 | — | High | 0.49 | 7.5 | 0.00 | | Feb 15, 2024 | Incorrect Use of Privileged APIs vulnerability in Utarit Information Technologies SoliPay Mobile App allows Collect Data as Provided by Users. This issue affects SoliPay Mobile App: before 5.0.8. |
| CVE-2023-6151 | — | High | 0.49 | 7.5 | 0.01 | | Nov 28, 2023 | Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users. This issue affects e-municipality module: before v.105. |
| CVE-2023-6150 | — | High | 0.49 | 7.5 | 0.01 | | Nov 28, 2023 | Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users. This issue affects e-municipality module: before v.105. |
| CVE-2026-20122 | — | Medium | 0.47 | 5.4 | 0.07 | KEV | Feb 25, 2026 | A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected… |
| CVE-2023-6522 | — | High | 0.47 | 7.2 | 0.00 | | Apr 5, 2024 | Incorrect Use of Privileged APIs vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users. This issue affects Extreme XDS: before 3914. |
| CVE-2026-35645 | — | High | 0.46 | 8.1 | 0.00 | | Apr 9, 2026 | OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSession function that uses a synthetic operator.admin runtime scope. Attackers can exploit this by triggering session deletion without a request-scoped client to… |