CWE-250

Medium likelihood

Execution with Unnecessary Privileges

Parent: CWE-269 - Improper Privilege Management

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

326 vulnerabilities with CWE-250
CVE-2021-34591 HIGH
Bender CC612 and ICC15xx Firmware 5.11.0-5.11.1 - Authenticated Local Privilege Escalation via SUID Applications
CVSS 7.8
CVE-2021-3101 HIGH
Hotdog <1.0.1 - Privilege Escalation
CVSS 8.8
CVE-2021-3100 HIGH
Apache Log4j <log4j-cve-2021-44228-hotpatch-1.1-13 - Privilege Esca...
CVSS 8.8
CVE-2021-36339 HIGH
Dell EMC Virtual Appliances <9.2.2.2 - Privilege Escalation
CVSS 7.8
CVE-2021-34998 HIGH
Panda Security Free Antivirus 20.2.0.0 - Privilege Escalation
CVSS 7.8
CVE-2021-1118 HIGH
NVIDIA vGPU 8.0-8.9 - Privilege Escalation via Virtual GPU Manager
CVSS 7.8
CVE-2021-3576 HIGH
Bitdefender <7.2.1.65, <25.0.26 - Privilege Escalation
CVSS 7.8
CVE-2021-41035 CRITICAL
Eclipse Openj9 <0.29.0 - Info Disclosure
CVSS 9.8
CVE-2021-37174 HIGH
Siemens RUGGEDCOM ROX Firmware < 2.14.1 - Privilege Escalation to Root
CVSS 8.8
CVE-2021-1579 HIGH
Cisco APIC/Cloud APIC - Privilege Escalation
CVSS 8.1
CVE-2021-25653 HIGH
Avaya Aura Appliance Virtualization Platform 8.0.0.0-8.1.3.1 - Privilege Escalation
CVSS 8.0
CVE-2021-25651 HIGH
Avaya Aura Utility Services 7.0-7.1.2 - Privilege Escalation
CVSS 8.0
CVE-2021-25650 HIGH
Avaya Aura Utility Services 7.0-7.1.3 - Privilege Escalation via Crafted Script Execution
CVSS 7.7
CVE-2021-1528 HIGH
Cisco SD-WAN Software - Privilege Escalation
CVSS 7.8
CVE-2021-0256 MEDIUM
Juniper Networks Junos OS - Info Disclosure
CVSS 5.5
CVE-2021-0255 MEDIUM
Juniper Junos OS - Local Privilege Escalation via ethtraceroute Setuid Binary
CVSS 5.5
CVE-2021-27454 HIGH
GE Reason DR60 Firmware < 02a04.1 - Improper Privilege Management
CVSS 7.8
CVE-2021-27448 HIGH
MU320E <v04A00.1 - Privilege Escalation
CVSS 7.8
CVE-2021-0223 HIGH
Juniper Junos OS - Authenticated Local Privilege Escalation via telnetd.real Setuid Abuse
CVSS 7.8
CVE-2021-0204 HIGH
Juniper Networks Junos OS - Info Disclosure
CVSS 7.8
CVE-2020-36868 HIGH
Nagios XI <5.7.3 - Privilege Escalation
CVSS 7.8
CVE-2020-26074 HIGH
Cisco SD-WAN vManage Software - Privilege Escalation
CVSS 7.8
CVE-2020-27826 MEDIUM
Keycloak <12.0.0 - Privilege Escalation
CVSS 4.2
CVE-2020-26278 MEDIUM
Weave Net <2.8.0 - Privilege Escalation
CVSS 5.8
CVE-2020-14386 MEDIUM
Linux Kernel < 4.9.239 - Privilege Escalation via Memory Corruption
CVSS 6.7
Details
Vulnerabilities 326
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits