CWE-1188

Initialization of a Resource with an Insecure Default

Parent: CWE-1419 - Incorrect Initialization of Resource

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

288 vulnerabilities with CWE-1188
CVE-2021-40825 HIGH
nLight ECLYPSE <1.17.21245.754 - Default Key
CVSS 8.6
CVE-2021-0114 MEDIUM
Intel(R) Processors - Privilege Escalation
CVSS 6.7
CVE-2021-35965 CRITICAL
Orca HCM < 10.0 - Unauthenticated Administrator Account Takeover via Hardcoded Default Password
CVSS 9.8
CVE-2021-0144 MEDIUM
Intel BSSA DFT - Privilege Escalation
CVSS 6.7
CVE-2021-35336 CRITICAL
Tieline IP Audio Gateway <2.6.4.8 - Privilege Escalation
CVSS 9.8
CVE-2021-0534 HIGH
Android - Local Privilege Escalation via Insecure Default Broadcast Protection
CVSS 7.8
CVE-2021-34203 HIGH
D-Link DIR-2640-US 1.01B04 - Privilege Escalation
CVSS 8.1
CVE-2021-21505 HIGH
Dell EMC Integrated System for Microsoft Azure Stack Hub <2011 - Pr...
CVSS 8.0
CVE-2021-0468 MEDIUM
Android - Local Privilege Escalation via Insecure Default Value in LK
CVSS 6.6
CVE-2021-28123 CRITICAL
Cohesity DataPlatform <6.3.1g, 6.4-6.4.1c, 6.5.1-6.5.1b - RCE
CVSS 9.8
CVE-2020-11917 MEDIUM
Siime Eye 14.1.00000001.3.330.0.0.3.14 - Privacy Violation via Default SSID
CVSS 4.3
CVE-2020-12732 MEDIUM
DEPSTECH WiFi Digital Microscope 3 - SSRF
CVSS 6.5
CVE-2020-11915 MEDIUM
Svakom Siime Eye <14.1 - Privilege Escalation
CVSS 6.8
CVE-2020-10552 HIGH
Psyprax < 3.2.2 - Unauthenticated Database Access via Default Credentials
CVSS 8.1
CVE-2020-0019 MEDIUM
Android Broadcom Nexus Firmware - Insecure Default Password
CVSS 5.5
CVE-2020-0099 HIGH
Android 8.0-10 - Unauthenticated Local Privilege Escalation via Tapjacking
CVSS 7.8
CVE-2020-4001 CRITICAL
SD-WAN Orchestrator <4.0 - Default Password
CVSS 9.8
CVE-2020-27555 CRITICAL
BASETech GE-131 BT-1837836 Firmware 20180921 - Unauthenticated Remote Code Execution via Default Telnet Credentials
CVSS 9.8
CVE-2020-26510 CRITICAL
Airleader Master <= 6.21 - Unauthenticated Remote Code Execution via Default Credentials
CVSS 9.8
CVE-2020-12336 HIGH
Intel(R) NUC - Privilege Escalation
CVSS 7.8
CVE-2020-12327 MEDIUM
Intel Thunderbolt DCH Driver < 72 - Information Disclosure via Insecure Default Variable Initialization
CVSS 4.4
CVE-2020-8705 MEDIUM
Intel(R) Boot Guard <11.8.80-14.5.25 - Privilege Escalation
CVSS 6.8
CVE-2020-13927 CRITICAL KEV
Apache Airflow < 1.10.11 - Unauthenticated Remote Code Execution via Experimental API
CVSS 9.8
CVE-2020-11489 HIGH
Intel BMC Firmware < 3.38.30 - Default SNMP Community String Information Disclosure
CVSS 7.5
CVE-2020-0416 HIGH
Android - Local Privilege Escalation via Tapjacking in Settings Screens
CVSS 8.8
Details
Vulnerabilities 288
Links
MITRE CWE Entry Search this CWE With Exploits