VYPR

CWE-732

Incorrect Permission Assignment for Critical Resource

ClassDraftLikelihood: High

Description

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

When a resource is given a permission setting that provides access to a wider range of actors than required, it could lead to the exposure of sensitive information, or the modification of that resource by unintended parties. This is especially dangerous when the resource is related to program configuration, execution, or sensitive user data. For example, consider a misconfigured storage account for the cloud that can be read or written by a public or anonymous user.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-122 · CAPEC-127 · CAPEC-17 · CAPEC-180 · CAPEC-206 · CAPEC-234 · CAPEC-60 · CAPEC-61 · CAPEC-62 · CAPEC-642

CVEs mapped to this weakness (623)

page 17 of 32
  • CVE-2026-33271MedApr 2, 2026
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 42902.

  • CVE-2025-35999MedFeb 10, 2026
    risk 0.44cvss 6.7epss 0.00

    Incorrect permission assignment for critical resource for some System Firmware Update Utility (SysFwUpdt) for Intel(R) Server Boards and Intel(R) Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software…

  • CVE-2025-14740MedFeb 4, 2026
    risk 0.44cvss 6.7epss 0.00

    Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation…

  • CVE-2025-4952MedOct 31, 2025
    risk 0.44cvss epss 0.00

    Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.

  • CVE-2025-11906MedOct 30, 2025
    risk 0.44cvss 6.7epss 0.00

    A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during…

  • CVE-2025-31702MedOct 15, 2025
    risk 0.44cvss 6.8epss 0.00

    A vulnerability exists in certain Dahua embedded products. Third-party malicious attacker with obtained normal user credentials could exploit the vulnerability to access certain data which are restricted to admin privileges, such as system-sensitive files through specific HTTP…

  • CVE-2025-8886MedOct 10, 2025
    risk 0.44cvss 6.7epss 0.00

    Incorrect Permission Assignment for Critical Resource, Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization, Incorrect Authorization vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Privilege Abuse, Authentication Bypass. This…

  • CVE-2025-30408MedApr 24, 2025
    risk 0.44cvss 6.7epss 0.00

    Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39904, Acronis Cyber Protect 16 (Windows) before build 39938.

  • CVE-2024-27108MedMay 14, 2024
    risk 0.44cvss 6.8epss 0.00

    Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products

  • CVE-2024-28589MedApr 3, 2024
    risk 0.44cvss 6.7epss 0.00

    An issue was discovered in Axigen Mail Server for Windows versions 10.5.18 and before, allows local low-privileged attackers to execute arbitrary code and escalate privileges via insecure DLL loading from a world-writable directory during service initialization.

  • CVE-2018-12028HigJun 17, 2018
    risk 0.44cvss 7.8epss 0.01

    An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious…

  • CVE-2018-12259MedJun 12, 2018
    risk 0.44cvss 6.8epss 0.00

    An issue was discovered on Momentum Axel 720P 5.1.8 devices. Root access can be obtained via UART pins without any restrictions, which leads to full system compromise.

  • CVE-2018-0352MedJun 7, 2018
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level…

  • CVE-2018-7408HigFeb 22, 2018
    risk 0.44cvss 7.8epss 0.00

    An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status). It might allow local users to bypass…

  • CVE-2018-0088MedJan 18, 2018
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stability of the device. This could result in arbitrary code execution or a denial…

  • CVE-2017-7307MedApr 4, 2017
    risk 0.44cvss 6.8epss 0.00

    Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file.

  • CVE-2026-24732MedMar 4, 2026
    risk 0.43cvss epss 0.00

    Files or Directories Accessible to External Parties, Incorrect Permission Assignment for Critical Resource vulnerability in Hallo Welt! GmbH BlueSpice (Extension:NSFileRepo modules) allows Accessing Functionality Not Properly Constrained by ACLs, Bypassing Electronic Locks and…

  • CVE-2025-42997MedMay 13, 2025
    risk 0.43cvss 6.6epss 0.00

    Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted information beyond the scope of the application. Due to the possibility of influencing application behavior or performance through misuse of the exposed data, this may potentially…

  • CVE-2026-10997MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)

  • CVE-2026-42497HigMay 26, 2026
    risk 0.42cvss 7.5epss 0.00

    Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. _make_special_file() passes the tar header's linkname to link() without validating it against absolute paths or .. segments, creating a hardlink that…