CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,511 vulnerabilities with CWE-276
CVE-2023-52545 HIGH
Huawei EMUI and HarmonyOS - Incorrect Default Permissions in Calendar App
CVSS 7.5
CVE-2023-52717 MEDIUM
Huawei EMUI and HarmonyOS - Incorrect Default Permissions in Lock Screen Module
CVSS 5.3
CVE-2023-28389 MEDIUM
Intel(R) CSME <2328.5.5.0 - Privilege Escalation
CVSS 6.7
CVE-2023-49338 HIGH
Couchbase Server <7.2.4 - Info Disclosure
CVSS 7.5
CVE-2023-48678 MEDIUM
Acronis Cyber Protect <16 - Info Disclosure
CVSS 5.5
CVE-2023-50975 HIGH
TD Bank TD Advanced Dashboard < 3.0.3 - Remote Code Execution via Electron RunAsNode Misconfiguration
CVSS 8.4
CVE-2023-7235 HIGH
OpenVPN GUI < 2.6.9 - Unauthenticated Arbitrary Code Execution via Installation Directory Permissions
CVSS 8.4
CVE-2023-42953 MEDIUM
iPadOS < 17.1 - Unprotected User Data Exposure via Permissions Issue
CVSS 5.5
CVE-2023-42945 MEDIUM
macOS Sonoma <14.1 - Privilege Escalation
CVSS 5.5
CVE-2023-42928 HIGH
iPadOS < 17.1 - Privilege Escalation
CVSS 7.8
CVE-2023-52379 HIGH
Huawei EMUI and HarmonyOS - Incorrect Default Permissions in CalendarProvider Module
CVSS 7.5
CVE-2023-52362 HIGH
Huawei EMUI and HarmonyOS - Incorrect Default Permissions in Lock Screen Module
CVSS 7.5
CVE-2023-49721 MEDIUM
LXD 5.0.0-5.20.9 - Insecure Default UEFI Shell Permissions
CVSS 6.7
CVE-2023-41231 MEDIUM
Intel Assistive Context-Aware Toolkit < 2.0.0 - Authenticated Privilege Escalation via Incorrect Default Permissions
CVSS 6.7
CVE-2023-40154 MEDIUM
Intel System Usage Report < 2.0.1901 - Privilege Escalation via Incorrect Default Permissions
CVSS 6.7
CVE-2023-34315 MEDIUM
Intel VROC < 8.0.8.1001 - Authenticated Privilege Escalation via Incorrect Default Permissions
CVSS 6.7
CVE-2023-29162 MEDIUM
Intel(R) C++ Compiler Classic <2021.8 - Privilege Escalation
CVSS 6.0
CVE-2023-28739 MEDIUM
Intel(R) Chipset Driver Software <10.1.19444.8378 - Privilege Escal...
CVSS 6.7
CVE-2023-38960 HIGH
RaidenFTPD <2.4.4005 - Privilege Escalation
CVSS 7.3
CVE-2023-50236 HIGH
Polarion ALM < 2404.0 - Privilege Escalation via Weak Installation Path Permissions
CVSS 7.8
CVE-2023-29081 MEDIUM
Suite Setups <InstallShield 2023 R2 - DoS
CVSS 5.5
CVE-2023-29244 MEDIUM
Intel ISH Driver <5.4.1.4479 - Privilege Escalation
CVSS 6.7
CVE-2023-6457 MEDIUM
Hitachi Tuning Manager <8.8.5-04 - Info Disclosure
CVSS 6.6
CVE-2023-50612 HIGH
fit2cloud CloudExplorer Lite 1.4.1 - Insecure Permissions via Cloud Accounts Parameter
CVSS 7.8
CVE-2023-5536 MEDIUM
Ubuntu Linux < 24.04 - Privilege Escalation via LXD Group Default Configuration
CVSS 5.0
Details
Vulnerabilities 1,511
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits