CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,834 vulnerabilities with CWE-269
CVE-2023-22809 HIGH
Sudoedit Extra Arguments Priv Esc
CVSS 7.8
CVE-2023-21848 HIGH
Oracle Communications Applications <3.0.3.1.0 - RCE
CVSS 8.8
CVE-2023-0221 MEDIUM
McAfee Application and Change Control < 8.3.4 - Authenticated Security Bypass via utilman Program
CVSS 4.4
CVE-2023-21774 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2023-21773 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2023-21772 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2023-21755 HIGH
Windows Kernel - Privilege Escalation
CVSS 7.8
CVE-2023-21730 HIGH
Microsoft Cryptographic Services - Privilege Escalation
CVSS 7.8
CVE-2023-21561 HIGH
Microsoft Cryptographic Services - Privilege Escalation
CVSS 7.8
CVE-2023-21552 HIGH
Windows GDI - Improper Privilege Management
CVSS 7.8
CVE-2023-21551 HIGH
Microsoft Cryptographic Services - Privilege Escalation
CVSS 7.8
CVE-2023-21549 HIGH
Windows SMB Witness Service - Privilege Escalation
CVSS 8.8
CVE-2023-21542 HIGH
Windows Installer - Privilege Escalation
CVSS 7.0
CVE-2023-21531 HIGH
Azure Service Fabric - Privilege Escalation
CVSS 7.0
CVE-2022-1804 MEDIUM
accountsservice < 22.07.5-2ubuntu1.3 - Improper Privilege Management
CVSS 5.5
CVE-2022-37019 MEDIUM
HP Elite and ProBook Firmware - Privilege Escalation and Code Execution
CVSS 6.8
CVE-2022-32931 MEDIUM
macOS < 13.0 - Unauthorized User Data Access by Root App
CVSS 5.5
CVE-2022-41700 MEDIUM
Intel(R) NUC Pro Software Suite <2.0.0.9 - Privilege Escalation
CVSS 6.7
CVE-2022-3701 HIGH
Lenovo System Update Plugin < 2.0.0.213 - Privilege Escalation via TOCTOU Race Condition
CVSS 7.8
CVE-2022-45451 HIGH
Acronis Agent < 30600 & Cyber Protect Home Office < 40173 - Local Privilege Escalation
CVSS 7.8
CVE-2022-48515 HIGH
Huawei EMUI and HarmonyOS - Improper Privilege Management in Nearby
CVSS 7.5
CVE-2022-45853 MEDIUM
Zyxel GS1900 Series Firmware V2.70 - Authenticated Privilege Escalation via SSH
CVSS 6.7
CVE-2022-45452 HIGH
Acronis Agent < 30430 and Cyber Protect 15 < 30984 - Local Privilege Escalation via Insecure Folder Permissions
CVSS 7.8
CVE-2022-3405 HIGH
Acronis Cyber Protect < 29486 and Cyber Backup < 16545 - Improper Privilege Management
CVSS 8.8
CVE-2022-47505 HIGH
SolarWinds Orion Platform < 2023.2 - Local Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 2,834
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits