VYPR

CWE-732

Incorrect Permission Assignment for Critical Resource

ClassDraftLikelihood: High

Description

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

When a resource is given a permission setting that provides access to a wider range of actors than required, it could lead to the exposure of sensitive information, or the modification of that resource by unintended parties. This is especially dangerous when the resource is related to program configuration, execution, or sensitive user data. For example, consider a misconfigured storage account for the cloud that can be read or written by a public or anonymous user.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-1 · CAPEC-122 · CAPEC-127 · CAPEC-17 · CAPEC-180 · CAPEC-206 · CAPEC-234 · CAPEC-60 · CAPEC-61 · CAPEC-62 · CAPEC-642

CVEs mapped to this weakness (623)

page 6 of 32
  • CVE-2017-0784HigSep 8, 2017
    risk 0.57cvss 8.8epss 0.00

    A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958.

  • CVE-2017-11422HigJul 24, 2017
    risk 0.57cvss 8.8epss 0.01

    Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc.

  • CVE-2017-1000022HigJul 17, 2017
    risk 0.57cvss 8.8epss 0.01

    LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect access control which could leave to privilege escalation.

  • CVE-2017-5199HigMar 24, 2017
    risk 0.57cvss 8.8epss 0.03

    The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.

  • CVE-2017-2290HigMar 3, 2017
    risk 0.57cvss 8.8epss 0.01

    On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in…

  • CVE-2017-0311HigFeb 15, 2017
    risk 0.57cvss 8.8epss 0.00

    NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel mode layer handler where improper access control may lead to denial of service or possible escalation of privileges.

  • CVE-2007-6033HigNov 20, 2007
    risk 0.57cvss 8.8epss 0.03

    Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.

  • CVE-2025-34025HigMay 21, 2025
    risk 0.56cvss epss 0.00

    The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code…

  • CVE-2024-10526HigNov 7, 2024
    risk 0.56cvss epss 0.00

    Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it creates the installation directory with WRITE_DACL permission to the BUILTIN\\Users group. This allows local users who are not administrators to grant themselves the Full Control…

  • CVE-2018-11454HigAug 7, 2018
    risk 0.56cvss 8.6epss 0.00

    A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions < V13 SP2 Update 2), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions…

  • CVE-2026-9789HigMay 28, 2026
    risk 0.55cvss epss 0.00

    A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List (ACL). This allows any authenticated local user to…

  • CVE-2026-9489HigMay 25, 2026
    risk 0.55cvss epss 0.00

    NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute…

  • CVE-2026-8069HigMay 8, 2026
    risk 0.55cvss epss 0.00

    PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user…

  • CVE-2025-12985HigJan 20, 2026
    risk 0.55cvss 8.4epss 0.00

    IBM Licensing Operator incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Licensing Operator image.

  • CVE-2021-47756HigJan 16, 2026
    risk 0.55cvss 8.4epss 0.00

    Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional…

  • CVE-2022-50690HigDec 22, 2025
    risk 0.55cvss 8.4epss 0.00

    Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges.

  • CVE-2023-53949HigDec 19, 2025
    risk 0.55cvss 8.4epss 0.00

    AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated…

  • CVE-2025-59373HigNov 25, 2025
    risk 0.55cvss epss 0.00

    A local privilege escalation vulnerability exists in the restore mechanism of ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being…

  • CVE-2025-11921HigNov 24, 2025
    risk 0.55cvss epss 0.01

    iStats contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via command injection.This issue affects iStats: 7.10.4.

  • CVE-2025-40672HigMay 26, 2025
    risk 0.55cvss epss 0.00

    A Privilege Escalation vulnerability has been found in Panloader component v3.24.0.0 by Espiral MS Group. This vulnerability allows any user to override the file panLoad.exe that will be executed by SYSTEM user via a programmed task. This would allow an attacker to obtain…