CWE-276

Medium likelihood

Incorrect Default Permissions

Parent: CWE-732 - Incorrect Permission Assignment for Critical Resource

During installation, installed file permissions are set to allow anyone to modify those files.

1,510 vulnerabilities with CWE-276
CVE-2025-4660 CRITICAL
Forescout SecureConnector Windows Agent - Named Pipe Remote Code Execution
CVSS 9.8
CVE-2025-3528 HIGH
Mirror Registry - Privilege Escalation
CVSS 8.2
CVE-2025-46587 MEDIUM
Media Library Module - Info Disclosure
CVSS 6.2
CVE-2025-46586 MEDIUM
HarmonyOS - Missing Authorization in Contacts Module
CVSS 5.1
CVE-2025-43595 HIGH
MSP360 Backup 4.3.1.115 - Privilege Escalation via Insecure File Permissions
CVSS 7.8
CVE-2025-42598 HIGH
SEIKO EPSON printer drivers for Windows OS - Unauthenticated Arbitrary Code Execution via DLL Placement
CVSS 7.8
CVE-2025-32981 HIGH
NETSCOUT nGeniusONE < 6.4.0 - Insecure Default Permissions for nGeniusCLI File
CVSS 7.1
CVE-2025-24914 HIGH
Nessus <10.8.4 - Privilege Escalation
CVSS 7.8
CVE-2025-30706 HIGH
Oracle MySQL Connectors 9.0.0-9.2.0 - Incorrect Default Permissions
CVSS 7.5
CVE-2025-30701 HIGH
Oracle RAS Security 19.3-19.26, 21.3-21.17, 23.4-23.7 - Unauthorized Data Access and Modification via Oracle Net
CVSS 7.3
CVE-2025-3617 HIGH
Rockwell Automation ThinManager 14.0.0-14.0.1 - Privilege Escalation via Temporary Folder Permission Inheritance
CVSS 7.8
CVE-2025-23386 HIGH
openSUSE Tumbleweed gerbera <2.5.0-1.1 - Privilege Escalation
CVSS 7.8
CVE-2025-29801 HIGH
Microsoft AutoUpdate < 4.78 - Privilege Escalation via Incorrect Default Permissions
CVSS 7.8
CVE-2025-29570 HIGH
LBT-T300-T400 Firmware 3.2 - Privilege Escalation via tftp_image_check Function
CVSS 7.8
CVE-2025-29504 HIGH
student-manage 1 - Privilege Escalation via Unsafe Permission Verification
CVSS 7.8
CVE-2025-0014 HIGH
AMD Ryzen AI - Privilege Escalation
CVSS 7.3
CVE-2025-30465 CRITICAL
macOS Ventura <13.7.5 - Info Disclosure
CVSS 9.8
CVE-2025-24277 HIGH
macOS < 13.7.5, < 14.7.5, < 15.4 - Privilege Escalation via Directory Path Parsing
CVSS 7.8
CVE-2025-24267 HIGH
macOS < 13.7.5, < 14.7.5, < 15.4 - Privilege Escalation via Incorrect Default Permissions
CVSS 7.8
CVE-2025-24238 CRITICAL
iPadOS < 18.4 - Incorrect Default Permissions
CVSS 9.8
CVE-2025-24234 HIGH
macOS < 13.7.5, < 14.7.5, < 15.4 - Privilege Escalation to Root
CVSS 7.8
CVE-2025-24207 CRITICAL
macOS < 13.7.5, < 14.7.5, < 15.4 - Unauthorized iCloud Storage Enablement via Permissions Issue
CVSS 9.8
CVE-2025-24195 CRITICAL
macOS < 13.7.5, < 14.7.5, < 15.4 - Privilege Escalation via Integer Overflow
CVSS 9.8
CVE-2025-24172 CRITICAL
macOS < 13.7.5, < 14.7.5, < 15.4 - Unprotected User Data Exposure via Mail Preview Permissions
CVSS 9.8
CVE-2025-24170 HIGH
macOS < 13.7.5 and < 14.7.5 - Privilege Escalation via Improper File Handling
CVSS 7.8
Details
Vulnerabilities 1,510
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits