CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,512 vulnerabilities with CWE-276
CVE-2023-32492 MEDIUM
Dell PowerScale OneFS 9.2.1.0-9.2.1.21 and 9.5.0.0-9.5.0.2 - Incorrect Default Permissions
CVSS 5.3
CVE-2023-32663 MEDIUM
Intel Realsense Software Development Kit < 0.25.0 - Incorrect Default Permissions
CVSS 6.7
CVE-2023-32547 MEDIUM
MAVinci Desktop Software < 6.2 - Authenticated Privilege Escalation via Incorrect Default Permissions
CVSS 6.7
CVE-2023-32543 MEDIUM
Intel Intelligent Test System < 3.1 - Authenticated Privilege Escalation via Incorrect Default Permissions
CVSS 6.7
CVE-2023-31246 MEDIUM
Intel(R) SDP Tool <1.4.5 - Privilege Escalation
CVSS 6.7
CVE-2023-27505 MEDIUM
Intel Advanced Link Analyzer < 22.1 - Authenticated Privilege Escalation via Incorrect Default Permissions
CVSS 6.7
CVE-2023-27392 MEDIUM
Intel Support < v23.02.07 - Incorrect Default Permissions
CVSS 4.4
CVE-2023-33745 CRITICAL
TeleAdapt RoomCast TA-2400 <3.1 - Privilege Escalation
CVSS 9.8
CVE-2023-38410 HIGH
iOS <16.6- iPadOS <16.6 - Privilege Escalation
CVSS 7.8
CVE-2023-3323 MEDIUM
ABB Ability zenon <11.106404 - Info Disclosure
CVSS 5.9
CVE-2023-26077 HIGH
Atera Agent <1.8.3.6 - Path Traversal
CVSS 7.8
CVE-2023-38335 MEDIUM
Omnis Studio 10.22.00 - Auth Bypass
CVSS 5.3
CVE-2023-38334 MEDIUM
Omnis Studio 10.22.00 - Privilege Escalation
CVSS 6.5
CVE-2023-31462 HIGH
SteelSeries GG <36.0.0 - Privilege Escalation
CVSS 8.8
CVE-2023-29131 HIGH
SIMATIC CN 4100 <V2.5 - Auth Bypass
CVSS 7.4
CVE-2023-32183 HIGH
openSUSE Tumbleweed hawk2 - Privilege Escalation via Incorrect Default Permissions
CVSS 7.8
CVE-2023-21513 MEDIUM
CC Mode <SMR Jun-2023 Release 1 - Privilege Escalation
CVSS 6.1
CVE-2023-21512 LOW
Knox ID <SMR Jun-2023 Release 1 - Info Disclosure
CVSS 2.4
CVE-2023-21187 HIGH
Android 13 - Local Privilege Escalation via UsbAccessoryUriActivity Logic Error
CVSS 7.8
CVE-2023-21175 HIGH
Android 13 - Local Privilege Escalation via DataUsageSummary Permissions Bypass
CVSS 7.8
CVE-2023-20178 HIGH
Cisco AnyConnect Secure Mobility Client and Secure Client - Privilege Escalation
CVSS 7.8
CVE-2023-30902 MEDIUM
Trend Micro Apex One < 14.0.12105 - Privilege Escalation via Registry Key Deletion
CVSS 5.5
CVE-2023-32407 MEDIUM
iPadOS < 15.7.6 - Privacy Preferences Bypass via Logic Issue
CVSS 5.5
CVE-2023-32405 HIGH
macOS 11.0-11.7.6 - Privilege Escalation to Root via Logic Issue
CVSS 7.8
CVE-2023-32404 MEDIUM
iPadOS 16.0-16.5 - Privacy Preferences Bypass via Incorrect Default Permissions
CVSS 5.5
Details
Vulnerabilities 1,512
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits