CWE-732

High likelihood

Incorrect Permission Assignment for Critical Resource

Parent: CWE-285 - Improper Authorization

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

1,622 vulnerabilities with CWE-732
CVE-2025-32915 MEDIUM
Checkmk - Incorrect Permission Assignment
CVSS 5.5
CVE-2025-3944 HIGH
Tridium Niagara <4.14.2-4.15.1-4.10.11 - File Manipulation
CVSS 7.2
CVE-2025-3936 MEDIUM
Tridium Niagara <4.14.2-4.15.1-4.10.11 - Privilege Escalation
CVSS 6.5
CVE-2025-2759 HIGH
Gstreamer < 1.25.1 - Incorrect Permission Assignment
CVSS 7.8
CVE-2025-34025 HIGH
Versa Concerto <12.2.0 - Privilege Escalation
CVE-2025-31262 MEDIUM
Apple Ipados < 18.3 - Incorrect Permission Assignment
CVSS 5.5
CVE-2025-40574 HIGH
Siemens Scalance Lpe9403 Firmware - Incorrect Permission Assignment
CVSS 7.8
CVE-2025-40572 MEDIUM
Siemens Scalance Lpe9403 Firmware - Incorrect Permission Assignment
CVSS 5.5
CVE-2025-24009 MEDIUM
SIRIUS < All - Info Disclosure
CVSS 5.9
CVE-2025-42997 MEDIUM
SAP Gateway Client - Info Disclosure
CVSS 6.6
CVE-2025-26169 HIGH
IXON VPN Client <1.4.4 - Privilege Escalation
CVSS 8.1
CVE-2025-26168 HIGH
IXON VPN Client <1.4.4 - Privilege Escalation
CVSS 8.1
CVE-2025-23245 MEDIUM
NVIDIA vGPU - DoS
CVSS 5.5
CVE-2025-3395 HIGH
ABB Automation Builder <2.8.0 - Info Disclosure
CVSS 7.1
CVE-2025-3394 HIGH
ABB Automation Builder <2.8.0 - Privilege Escalation
CVSS 7.8
CVE-2025-30408 MEDIUM
Acronis Cyber Protect <39904/39938 - Privilege Escalation
CVSS 6.7
CVE-2025-0926 MEDIUM
Axis Camera Station Pro < 6.8.43213 - Incorrect Permission Assignment
CVSS 5.9
CVE-2025-1731 HIGH
Zyxel Uos < 1.32 - Incorrect Permission Assignment
CVSS 7.8
CVE-2025-0758 MEDIUM
Hitachi Vantara Pentaho <10.2.0.2 - Info Disclosure
CVSS 6.1
CVE-2025-30708 HIGH
Oracle User Management < 12.2.14 - Incorrect Permission Assignment
CVSS 7.5
CVE-2025-30688 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 6.5
CVE-2025-30687 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 6.5
CVE-2025-30685 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-30684 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
CVE-2025-30683 MEDIUM
Oracle Mysql Server < 8.0.41 - Incorrect Permission Assignment
CVSS 4.9
Details
Vulnerabilities 1,622
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits