CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,487 vulnerabilities with CWE-276
CVE-2025-24207 CRITICAL
Apple Macos < 13.7.5 - Incorrect Default Permissions
CVSS 9.8
CVE-2025-24195 CRITICAL
Apple Macos < 13.7.5 - Incorrect Default Permissions
CVSS 9.8
CVE-2025-24172 CRITICAL
Apple Macos < 13.7.5 - Incorrect Default Permissions
CVSS 9.8
CVE-2025-24170 HIGH
Apple Macos < 13.7.5 - Incorrect Default Permissions
CVSS 7.8
CVE-2025-2782 MEDIUM
WatchGuard Terminal Services Agent <12.11 - Privilege Escalation
CVE-2025-2781 MEDIUM
WatchGuard Mobile VPN with SSL Client <12.11 - Privilege Escalation
CVE-2025-25535 CRITICAL
SCRIPT CASE v.1.0.002 Build7 - Privilege Escalation
CVSS 9.8
CVE-2025-27612 MEDIUM
Crates.io Libcontainer < 0.5.3 - Incorrect Default Permissions
CVSS 5.9
CVE-2025-24915 HIGH
Nessus Agent <10.8.3 - Privilege Escalation
CVSS 7.8
CVE-2025-27926 MEDIUM
Nintex Automation < 5.8 - Insufficiently Protected Credentials
CVSS 4.3
CVE-2025-20910 MEDIUM
Samsung Wear OS - Incorrect Default Permissions
CVSS 6.2
CVE-2025-24864 HIGH
RemoteView Agent <8.1.5.2 - Privilege Escalation
CVSS 7.8
CVE-2025-22447 HIGH
RemoteView Agent <8.1.5.2 - Privilege Escalation
CVSS 7.8
CVE-2025-27682 CRITICAL
Printerlogic Vasion Print < 20.0.1330 - Incorrect Default Permissions
CVSS 9.8
CVE-2025-27677 CRITICAL
Printerlogic Vasion Print < 20.0.1923 - Incorrect Default Permissions
CVSS 9.8
CVE-2025-27521 MEDIUM
Huawei HarmonyOS - Improper Access Control
CVSS 6.8
CVE-2025-27154 CRITICAL
Spotipy <2.25.1 - Info Disclosure
CVSS 9.8
CVE-2025-21106 MEDIUM
Dell Recoverpoint For Virtual Machines - Incorrect Default Permissions
CVSS 5.5
CVE-2025-24891 CRITICAL
Dumb Drop - Path Traversal
CVSS 9.6
CVE-2025-24795 MEDIUM
Snowflake Connector < 3.13.1 - Incorrect Default Permissions
CVSS 4.4
CVE-2025-24788 MEDIUM
Snowflake Connector < 4.3.0 - Incorrect Default Permissions
CVSS 5.0
CVE-2025-24790 MEDIUM
Snowflake Jdbc < 3.22.0 - Incorrect Default Permissions
CVSS 4.4
CVE-2025-0797 LOW
MicroWorld eScan Antivirus 7.0.32 - Info Disclosure
CVSS 3.3
CVE-2025-24826 MEDIUM
Acronis Snap Deploy <build 4625 - Privilege Escalation
CVSS 6.7
CVE-2025-24176 HIGH
Apple Macos < 13.7.3 - Incorrect Default Permissions
CVSS 7.1
Details
Vulnerabilities 1,487
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits