CWE-732
Incorrect Permission Assignment for Critical Resource
Description
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-1 · CAPEC-122 · CAPEC-127 · CAPEC-17 · CAPEC-180 · CAPEC-206 · CAPEC-234 · CAPEC-60 · CAPEC-61 · CAPEC-62 · CAPEC-642
CVEs mapped to this weakness (623)
page 10 of 32| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-22029 | Hig | 0.51 | 7.8 | 0.00 | Oct 16, 2024 | Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root | ||
| CVE-2024-38456 | Hig | 0.51 | 7.8 | 0.00 | Sep 3, 2024 | HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute… | ||
| CVE-2023-5936 | Hig | 0.51 | 7.8 | 0.00 | May 15, 2024 | On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering with such file, a malicious local user in the system may be able to trigger arbitrary code execution with root privileges. | ||
| CVE-2018-12131 | Hig | 0.51 | 7.8 | 0.00 | Oct 10, 2018 | Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access. | ||
| CVE-2018-11064 | Hig | 0.51 | 7.8 | 0.00 | Oct 5, 2018 | Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability to alter multiple library files in service tools… | ||
| CVE-2018-16588 | Hig | 0.51 | 7.8 | 0.00 | Sep 26, 2018 | Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are… | ||
| CVE-2018-11277 | Hig | 0.51 | 7.8 | 0.00 | Sep 20, 2018 | In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image… | ||
| CVE-2018-12168 | Hig | 0.51 | 7.8 | 0.00 | Sep 12, 2018 | Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access. | ||
| CVE-2018-12162 | Hig | 0.51 | 7.8 | 0.00 | Sep 12, 2018 | Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access. | ||
| CVE-2018-12148 | Hig | 0.51 | 7.8 | 0.00 | Sep 12, 2018 | Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access. | ||
| CVE-2018-13412 | Hig | 0.51 | 7.8 | 0.01 | Sep 12, 2018 | An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version. | ||
| CVE-2018-16545 | Hig | 0.51 | 7.8 | 0.02 | Sep 5, 2018 | Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl.dll)… | ||
| CVE-2018-5546 | — | Hig | 0.51 | 7.8 | 0.00 | Aug 17, 2018 | The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may… | |
| CVE-2018-11453 | Hig | 0.51 | 7.8 | 0.00 | Aug 7, 2018 | A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions… | ||
| CVE-2018-11642 | Hig | 0.51 | 7.8 | 0.01 | Jul 3, 2018 | Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in Dialogic PowerMedia XMS through 3.5 allows local users to execute code as the root user. | ||
| CVE-2018-11334 | Hig | 0.51 | 7.8 | 0.00 | May 23, 2018 | Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain privileges or cause a denial of service via \\.\pipe\WindscribeService. | ||
| CVE-2018-10647 | Hig | 0.51 | 7.8 | 0.00 | May 2, 2018 | SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "SaferVPN.Service" service. The "SaferVPN.Service" service executes "openvpn.exe" using OpenVPN config files located within the current user's %LOCALAPPDATA%\SaferVPN\OvpnConfig directory.… | ||
| CVE-2018-10646 | Hig | 0.51 | 7.8 | 0.00 | May 2, 2018 | CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The… | ||
| CVE-2018-10645 | Hig | 0.51 | 7.8 | 0.00 | May 2, 2018 | Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The "SetProperty" method… | ||
| CVE-2018-5349 | Hig | 0.51 | 7.8 | 0.00 | Mar 22, 2018 | A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On startup,… |
- risk 0.51cvss 7.8epss 0.00
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
- risk 0.51cvss 7.8epss 0.00
HIGH-LEIT V05.08.01.03 and HIGH-LEIT V04.25.00.00 to 4.25.01.01 for Windows from Vivavis contain an insecure file and folder permissions vulnerability in prunsrv.exe. A regular user (non-admin) can exploit the weak folder and file permissions to escalate privileges and execute…
- risk 0.51cvss 7.8epss 0.00
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering with such file, a malicious local user in the system may be able to trigger arbitrary code execution with root privileges.
- risk 0.51cvss 7.8epss 0.00
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local access.
- risk 0.51cvss 7.8epss 0.00
Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. A locally authenticated malicious user could potentially exploit this vulnerability to alter multiple library files in service tools…
- risk 0.51cvss 7.8epss 0.00
Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are…
- risk 0.51cvss 7.8epss 0.00
In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image…
- risk 0.51cvss 7.8epss 0.00
Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.
- risk 0.51cvss 7.8epss 0.00
Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.
- risk 0.51cvss 7.8epss 0.00
Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.
- risk 0.51cvss 7.8epss 0.01
An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version.
- risk 0.51cvss 7.8epss 0.02
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl.dll)…
- risk 0.51cvss 7.8epss 0.00
The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may…
- risk 0.51cvss 7.8epss 0.00
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions…
- risk 0.51cvss 7.8epss 0.01
Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in Dialogic PowerMedia XMS through 3.5 allows local users to execute code as the root user.
- risk 0.51cvss 7.8epss 0.00
Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain privileges or cause a denial of service via \\.\pipe\WindscribeService.
- risk 0.51cvss 7.8epss 0.00
SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "SaferVPN.Service" service. The "SaferVPN.Service" service executes "openvpn.exe" using OpenVPN config files located within the current user's %LOCALAPPDATA%\SaferVPN\OvpnConfig directory.…
- risk 0.51cvss 7.8epss 0.00
CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The…
- risk 0.51cvss 7.8epss 0.00
Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The "SetProperty" method…
- risk 0.51cvss 7.8epss 0.00
A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On startup,…