CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,510 vulnerabilities with CWE-276
CVE-2025-0543 HIGH
G DATA Security Client - Privilege Escalation
CVSS 7.8
CVE-2025-0542 HIGH
G DATA Management Server - Privilege Escalation
CVSS 7.8
CVE-2025-24399 HIGH
Jenkins Openid Connect Authentication - Incorrect Default Permissions
CVSS 8.8
CVE-2025-21532 HIGH
Oracle Analytics Desktop < 8.1.0 - Incorrect Default Permissions in Install Component
CVSS 7.8
CVE-2024-43166 CRITICAL
Apache DolphinScheduler <3.2.2 - Info Disclosure
CVSS 9.8
CVE-2024-46916 HIGH
Diebold Nixdorf Vynamic Security Suite <= 4.3.0sr06 - Improper Access Control via Early Filesystem Deletion
CVSS 8.1
CVE-2024-55398 MEDIUM
4cstrategies exonaut < 22.4 - Incorrect Default Permissions
CVSS 6.5
CVE-2024-13972 HIGH
Intercept X for Windows <2024.3.2 - Privilege Escalation
CVSS 8.8
CVE-2024-13948 HIGH
ASPECT-Enterprise <3.* - Info Disclosure
CVSS 7.3
CVE-2024-45067 HIGH
Intel(R) Gaudi(R) <1.18 - Privilege Escalation
CVSS 8.2
CVE-2024-47550 MEDIUM
Endurance Gaming Mode - Privilege Escalation
CVSS 6.7
CVE-2024-28954 MEDIUM
Intel(R) Graphics Driver - Privilege Escalation
CVSS 6.7
CVE-2024-36339 HIGH
AMD Optimizing CPU Libraries - Privilege Escalation
CVSS 7.3
CVE-2024-21960 HIGH
AMD Optimizing CPU Libraries (AOCL) >=4.2.1 - Incorrect Default Permissions
CVSS 7.3
CVE-2024-53351 CRITICAL
PipeCD < 0.49.3 - Unauthenticated Privilege Escalation via Insecure Service Account Token Permissions
CVSS 9.8
CVE-2024-54564 MEDIUM
iPadOS < 17.6 - Unprotected File Execution via AirDrop Quarantine Bypass
CVSS 6.5
CVE-2024-0245 MEDIUM
hamza417/inure < build97 - Privilege Escalation
CVSS 5.5
CVE-2024-58050 MEDIUM
HarmonyOS - Improper Access Permission in HDC Module
CVSS 6.2
CVE-2024-58049 MEDIUM
HarmonyOS - Incorrect Default Permissions in Media Library Module
CVSS 5.0
CVE-2024-58047 MEDIUM
HarmonyOS - Incorrect Default Permissions in Media Library Module
CVSS 5.0
CVE-2024-58046 MEDIUM
Lock Screen Module - Info Disclosure
CVSS 6.2
CVE-2024-58044 HIGH
Huawei EMUI and HarmonyOS - Permission Verification Bypass in Notification Module
CVSS 8.4
CVE-2024-56525 CRITICAL
PKP OJS/OMP/OPS <3.3.0.21 & <3.4.0.8 - XSS
CVSS 9.8
CVE-2024-57604 CRITICAL
ezBookkeeping 0.7.0 - Privilege Escalation via Token Component
CVSS 9.8
CVE-2024-51440 HIGH
Nothing Tech Nothing OS <2.6 - Privilege Escalation
CVSS 7.8
Details
Vulnerabilities 1,510
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits