CWE-269

Medium likelihood

Improper Privilege Management

Parent: CWE-284 - Improper Access Control

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

2,836 vulnerabilities with CWE-269
CVE-2021-1688 HIGH
Windows CSC Service - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-1687 HIGH
Windows 10 - Elevation of Privilege in WalletService
CVSS 7.8
CVE-2021-1686 HIGH
Windows 10 - Elevation of Privilege in WalletService
CVSS 7.8
CVE-2021-1685 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via AppX Deployment Extensions
CVSS 7.3
CVE-2021-1682 HIGH
Windows 10 and Windows Server 2016/2019 - Privilege Escalation
CVSS 7.0
CVE-2021-1681 HIGH
Windows 10 - Elevation of Privilege in WalletService
CVSS 7.8
CVE-2021-1680 HIGH
Visual Studio 2017 15.0-15.7 and 2019 < 16.7.0 - Elevation of Privilege via Diagnostics Hub Standard Collector
CVSS 7.8
CVE-2021-1662 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via Event Tracing
CVSS 7.8
CVE-2021-1659 HIGH
Windows CSC Service - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-1657 HIGH
Windows Fax Compose Form - Remote Code Execution
CVSS 7.8
CVE-2021-1655 HIGH
Windows CSC Service - Improper Privilege Management
CVSS 7.8
CVE-2021-1654 HIGH
Windows CSC Service - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-1653 HIGH
Windows CSC Service - Elevation of Privilege via Improper Privilege Management
CVSS 7.8
CVE-2021-1652 HIGH
Windows CSC Service - Improper Privilege Management
CVSS 7.8
CVE-2021-1651 HIGH
Visual Studio 2017 15.0-15.8 and 2019 < 16.4 - Elevation of Privilege in Diagnostics Hub Standard Collector
CVSS 7.8
CVE-2021-1650 HIGH
Windows Runtime C++ Template Library - Elevation of Privilege
CVSS 7.8
CVE-2021-1649 HIGH
Windows - Elevation of Privilege via Active Template Library
CVSS 7.8
CVE-2021-1648 HIGH
Windows splwow64 - Improper Privilege Management
CVSS 7.8
CVE-2021-1646 MEDIUM
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege in WLAN Service
CVSS 6.6
CVE-2021-1642 HIGH
Windows 10 and Windows Server 2016/2019 - Elevation of Privilege via AppX Deployment Extensions
CVSS 7.8
CVE-2021-0306 HIGH
Android 8.0-11 - Unauthenticated Privilege Escalation via Permission Bypass
CVSS 7.8
CVE-2021-1051 HIGH
NVIDIA GPU Display Driver - Privilege Escalation
CVSS 8.4
CVE-2020-9222 HIGH
Huawei FusionCompute - Privilege Escalation via Deserialization
CVSS 7.0
CVE-2020-9080 HIGH
Huawei Mate 20 Pro and Nova 5i Firmware < 10.0.0.125(c01e123r7p3) - Authenticated Local Privilege Escalation
CVSS 7.8
CVE-2020-15934 HIGH
FortiClient for Linux 6.2.7 and below, 6.4.0 - Privilege Escalation via VCM Engine
CVSS 8.8
Details
Vulnerabilities 2,836
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits