CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,772 vulnerabilities with CWE-269
CVE-2025-13918 MEDIUM
Symantec Endpoint Protection <14.3 RU10 Patch 1-8 - Privilege Escal...
CVSS 6.7
CVE-2025-13917 HIGH
WSS Agent <9.8.5 - Privilege Escalation
CVSS 7.0
CVE-2025-59094 HIGH
Kaba exos 9300 - Privilege Escalation
CVE-2025-66428 HIGH
WordPress Toolkit <6.9.1 - Privilege Escalation
CVSS 8.8
CVE-2025-14533 CRITICAL
Advanced Custom Fields: Extended <0.9.2.1 - Privilege Escalation
CVSS 9.8
CVE-2025-15403 CRITICAL
RegistrationMagic <6.0.7.1 - Privilege Escalation
CVSS 9.8
CVE-2025-67246 HIGH
Ludashi Driver < 5.1025 - Unauthenticated Local Information Disclosure via IOCTL Handler
CVSS 7.3
CVE-2025-37186 HIGH
HPE Aruba VIA - Privilege Escalation
CVSS 7.8
CVE-2025-36640 HIGH
Nessus Agent Tray App - Privilege Escalation
CVSS 8.8
CVE-2025-14736 CRITICAL
Frontend Admin by DynamiApps <3.28.25 - Privilege Escalation
CVSS 9.8
CVE-2025-66315 MEDIUM
ZTE MF258K Pro - Privilege Escalation
CVSS 4.3
CVE-2025-47411 HIGH
Apache StreamPipes <= 0.97.0 - Privilege Escalation via JWT Token Manipulation
CVSS 8.1
CVE-2025-69257 MEDIUM
theshit < 0.1.1 - Privilege Escalation via Untrusted Configuration File Execution
CVSS 6.7
CVE-2025-68697 HIGH
n8n < 2.0.0 - Authenticated Arbitrary File Read and Write via Code Node Helper Functions
CVSS 7.1
CVE-2025-52599 MEDIUM
Hanwha Vision Camera Firmware < 2.23.01 - Improper Privilege Management for Guest Account
CVSS 6.5
CVE-2025-57840 LOW
Honor Magic OS < 9.0.0.169 - Privilege Escalation via ADB
CVSS 2.2
CVE-2025-67826 HIGH
K7 Ultimate Security 17.0.2045 - Local Privilege Escalation via Named Pipe Registry Key Manipulation
CVSS 7.7
CVE-2025-13619 CRITICAL
Flex Store Users <1.1.0 - Privilege Escalation
CVSS 9.8
CVE-2025-58053 CRITICAL
Galette < 1.2.0 - Privilege Escalation via Forged POST Request
CVSS 9.8
CVE-2025-66173 MEDIUM
Hikvision DVR - Privilege Escalation
CVSS 6.2
CVE-2025-67793 CRITICAL
DriveLock 24.1-24.1.*, 24.2-24.2.*, 25.1 < 25.1.6 - Privilege Escalation via Role Promotion API
CVSS 9.8
CVE-2025-67792 HIGH
DriveLock 24.1-24.1.6, 24.2-24.2.7, 25.1-25.1.5 - Local Privilege Escalation
CVSS 7.8
CVE-2025-67781 CRITICAL
DriveLock 24.1-24.1.5, 24.2-24.2.6, 25.1-25.1.4 - Privilege Escalation
CVSS 9.9
CVE-2025-14252 HIGH
Advantech SUSI <5.0.24335 - Privilege Escalation
CVSS 7.8
CVE-2025-43512 HIGH
macOS Tahoe <26.2 - Privilege Escalation
CVSS 7.8