CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,661 vulnerabilities with CWE-732
CVE-2025-34212 CRITICAL
Vasion Print Virtual Appliance Host <22.0.843 & Application <20.0.1923 Supply Chain Attack
CVSS 9.8
CVE-2025-10541 HIGH
iMonitor EAM 9.6394 - Privilege Escalation
CVSS 7.8
CVE-2025-43808 MEDIUM
Liferay DXP 2023.Q3.1-2023.Q3.10 - Unauthenticated Virtual Product Access via Documents and Media
CVSS 5.3
CVE-2025-34206 CRITICAL
Vasion Print Virtual Appliance Host and Application - Cleartext Storage of Sensitive Information in /var/www/efs_storage
CVSS 9.8
CVE-2025-34189 HIGH
Vasion Print <1.0.735-20.0.1330 - Code Injection
CVSS 7.8
CVE-2025-54497 HIGH
Cognex In-Sight Explorer and In-Sight Camera Firmware - Privilege E...
CVSS 8.1
CVE-2025-52873 HIGH
Cognex In-Sight Explorer & Camera Firmware - Privilege Escalation
CVSS 8.1
CVE-2025-10643 CRITICAL
Wondershare Repairit - Unauthenticated Authentication Bypass via Storage Account Token
CVSS 9.1
CVE-2025-59349 LOW
Dragonfly < 2.1.0 - Incorrect Permission Assignment for Critical Resource via Directory Creation
CVSS 3.3
CVE-2025-0164 LOW
IBM QRadar SIEM <7.5.13 - Privilege Escalation
CVSS 2.3
CVE-2025-57392 HIGH
BenimPOS Masaustu 3.0.x - Insecure File Permissions
CVSS 7.8
CVE-2025-40804 CRITICAL
SIMATIC Virtualization as a Service - Info Disclosure
CVSS 9.1
CVE-2025-41664 HIGH
Service Runtime - Privilege Escalation
CVSS 7.5
CVE-2025-58372 HIGH
Roo Code <3.25.23 - Command Injection
CVSS 8.1
CVE-2025-10059 MEDIUM
MongoDB 6.0.0-6.0.23 - Denial of Service via Improper lsid Field Handling
CVSS 6.5
CVE-2025-23258 HIGH
NVIDIA DOCA collectx-dpeserver 2.5-2.5.3 2.9-2.9.2 2.10 - Privilege Escalation
CVSS 7.3
CVE-2025-23257 HIGH
NVIDIA DOCA collectx-clxapidev < 2.9.3 and 2.10 - Privilege Escalation via Incorrect Permission Assignment
CVSS 7.3
CVE-2025-36193 HIGH
IBM Transformation Advisor 2.0.1-4.3.1 - Privilege Escalation via Incorrect File Permissions
CVSS 8.4
CVE-2025-43268 HIGH
macOS Sequoia <15.6 - Privilege Escalation
CVSS 7.8
CVE-2025-9578 HIGH
Acronis Cyber Protect Cloud Agent <40734 - Privilege Escalation
CVSS 7.8
CVE-2025-53396 HIGH
SS1 <16.0.0.10 - Privilege Escalation
CVSS 7.0
CVE-2025-43729 HIGH
Dell ThinOS < 2508 - Incorrect Permission Assignment for Critical Resource
CVSS 7.8
CVE-2025-30063 CRITICAL
CGM CLININET < 2024.MS4 - Unprotected Credential Exposure via Configuration File
CVE-2025-0093 HIGH
Android - Unapproved Data Access via Missing Permission Check in AdapterService
CVSS 7.5
CVE-2025-4609 CRITICAL
Google Chrome <136.0.7103.113 - Sandbox Escape
CVSS 9.6
Details
Vulnerabilities 1,661
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits