CWE-269

Exploit likelihood: Medium

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,777 vulnerabilities with CWE-269
CVE-2025-10578 HIGH
HP Support Assistant < 9.47.41.0 - Local Privilege Escalation via Arbitrary File Write
CVSS 7.8
CVE-2025-7779 HIGH
Acronis True Image < build 42389 - Privilege Escalation
CVSS 8.8
CVE-2025-10657 HIGH
Docker Desktop 4.46.0 - Improper Privilege Management via Enhanced Container Isolation Command Restrictions Bypass
CVE-2025-55187 CRITICAL
DriveLock <24.1.5, <24.2.6, <25.1.4 - Privilege Escalation
CVSS 9.9
CVE-2025-5494 LOW
Zohocorp ManageEngine Endpoint Central < 11.4.2500.26 - Improper Privilege Management
CVSS 3.9
CVE-2025-9966 HIGH
Novakon P series - Privilege Escalation
CVE-2025-9038 HIGH
GE Vernova S1 Agile Config <3.1 - Privilege Escalation
CVE-2025-57396 MEDIUM
Tandoor Recipes 2.0.0-alpha-1 - Privilege Escalation via User Profile API Endpoint
CVSS 6.5
CVE-2025-54761 HIGH
PPress 0.0.9 - Privilege Escalation
CVSS 8.0
CVE-2025-34204 CRITICAL
Vasion Virtual Appliance Host and Application - Improper Privilege Management via Root-User Docker Containers
CVSS 9.8
CVE-2025-10650 LOW
SoftIron HyperCloud <2.6.3 - Privilege Escalation
CVE-2025-58432 HIGH
ZimaOS < 1.4.1 - Unauthenticated Arbitrary File Write via /v2_1/files/file/uploadV2 Endpoint
CVSS 7.8
CVE-2025-37123 HIGH
HPE Aruba Networking EdgeConnect - Privilege Escalation
CVSS 8.8
CVE-2025-34187 HIGH
Ilevia EVE X1/X5 Server <= 4.7.18.0.eden - OS Command Injection via Sudoers Misconfiguration
CVSS 8.8
CVE-2025-43333 HIGH
macOS Tahoe 26 - Privilege Escalation
CVSS 7.8
CVE-2025-57118 CRITICAL
PHPGurukul Online-Library-Management-System 3.0 - Privilege Escalation via index.php
CVSS 9.8
CVE-2025-9059 HIGH
Altiris Core Agent Updater - Privilege Escalation
CVE-2025-50892 HIGH
EaseUS Todo Backup <1.2.0.1 - Privilege Escalation
CVSS 7.8
CVE-2025-53914 HIGH
Calix GigaCenter ONT - Privilege Escalation
CVE-2025-53913 HIGH
Calix GigaCenter ONT - Privilege Escalation
CVE-2025-52915 HIGH
K7RKScan.sys 23.0.0.10 - Privilege Escalation
CVSS 7.2
CVE-2025-40594 MEDIUM
SINAMICS G220/S200/S210 V6.4 < HF2/7/2 - Unauthenticated Privilege Escalation via Factory Reset
CVSS 6.3
CVE-2025-43722 MEDIUM
Dell PowerScale OneFS < 9.12.0.0 - Privilege Escalation
CVSS 6.7
CVE-2025-32345 HIGH
Android - Improper Privilege Management in ContentProtectionTogglePreferenceController
CVSS 7.8
CVE-2025-26462 HIGH
Android - Local Privilege Escalation via AccessibilityServiceConnection Logic Error
CVSS 7.8