CWE-276— Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.— MITRE CWE catalog
1,638 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-276page 29 of 33
- CVE-2025-15337MEDIUMCVSS 6.5EG 6.52026-02-05
Tanium addressed an incorrect default permissions vulnerability in Patch.
- CVE-2025-15338MEDIUMCVSS 6.5EG 6.52026-02-05
Tanium addressed an incorrect default permissions vulnerability in Partner Integration.
- CVE-2025-15339MEDIUMCVSS 6.5EG 6.52026-02-05
Tanium addressed an incorrect default permissions vulnerability in Discover.
- CVE-2025-15340MEDIUMCVSS 6.5EG 6.52026-02-05
Tanium addressed an incorrect default permissions vulnerability in Comply.
- CVE-2025-15341MEDIUMCVSS 6.5EG 6.52026-02-05
Tanium addressed an incorrect default permissions vulnerability in Benchmark.
- CVE-2025-15343MEDIUMCVSS 6.5EG 6.52026-02-05
Tanium addressed an incorrect default permissions vulnerability in Enforce.
- CVE-2025-15523MEDIUMCVSS 4.8EG 4.82026-01-22
MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interprete…
- CVE-2025-15642MEDIUMCVSS 6.8EG 6.82026-06-17
Netskope is notified about a potential gap in its Netskoped Client for Windows systems where a malicious insider with admin privileges can lead to bypassing the NSClient Tamper Protections due to weak Discretionary Access Control List (DAC…
- CVE-2025-1699LOWCVSS 2.8EG 2.82025-06-11
An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access.
- CVE-2025-1789HIGHCVSS 7.8EG 7.82026-02-24
Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system.
- CVE-2025-20023MEDIUMCVSS 6.7EG 6.72025-08-12
Incorrect default permissions for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-20087MEDIUMCVSS 6.7EG 6.72025-08-12
Incorrect default permissions for some Intel(R) oneAPI DPC++/C++ Compiler software installers may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-20095MEDIUMCVSS 6.7EG 6.72025-05-13
Incorrect Default Permissions for some Intel(R) RealSense™ SDK software before version 2.56.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2025-20156CRITICALCVSS 9.9EG 9.92025-01-22
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administrator on an affected device. This vulnerability exists because proper authoriz…
- CVE-2025-20910MEDIUMCVSS 6.2EG 6.22025-03-06
Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery.
- CVE-2025-20984MEDIUMCVSS 6.8EG 6.82025-06-04
Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch.
- CVE-2025-21106MEDIUMCVSS 5.5EG 5.52025-02-20
Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the syst…
- CVE-2025-21532HIGHCVSS 7.8EG 7.82025-01-21
Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the inf…
- CVE-2025-22425MEDIUMCVSS 5.1EG 5.12025-09-04
In onCreate of InstallStart.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for expl…
- CVE-2025-22447HIGHCVSS 7.8EG 7.82025-03-06
Incorrect access permission of a specific service issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command…
- CVE-2025-22849MEDIUMCVSS 6.7EG 6.72026-02-10
Incorrect default permissions for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_01.00.00.3584, CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. U…
- CVE-2025-23105HIGHCVSS 7.8EG 7.82025-06-02
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.
- CVE-2025-23297HIGHCVSS 7.8EG 7.82025-10-01
NVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation process, where an attacker with local unprivileged access could modify files in the Frameview SDK directory. A successful exploit of this vuln…
- CVE-2025-23347HIGHCVSS 7.8EG 7.82025-10-23
NVIDIA Project G-Assist contains a vulnerability where an attacker might be able to escalate permissions. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service,…
- CVE-2025-23386HIGHCVSS 7.8EG 7.82025-04-10
A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affects gerbera on openSUSE Tumbleweed before 2.5.0-1.1.
- CVE-2025-24085CRITICALCVSS 10.0EG 10.0⚠ KEV2025-01-27
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. A m…
- CVE-2025-24093CRITICALCVSS 9.8EG 9.82025-01-27
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access removable volumes without user consent.
- CVE-2025-24107HIGHCVSS 7.8EG 7.82025-01-27
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3. A malicious app may be able to gain root privileges.
- CVE-2025-24135HIGHCVSS 7.8EG 9.82025-01-27
This issue was addressed with improved message validation. This issue is fixed in macOS Sequoia 15.3. An app may be able to gain elevated privileges.
- CVE-2025-24140MEDIUMCVSS 5.3EG 5.32025-01-27
This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3. Files downloaded from the internet may not have the quarantine flag applied.
- CVE-2025-24170HIGHCVSS 7.8EG 7.82025-03-31
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
- CVE-2025-24172CRITICALCVSS 9.8EG 9.82025-03-31
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. "Block All Remote Content" may not apply for all mail previews.
- CVE-2025-24176HIGHCVSS 7.1EG 7.12025-01-27
A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. A local attacker may be able to elevate their privileges.
- CVE-2025-24195CRITICALCVSS 9.8EG 9.82025-03-31
An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A user may be able to elevate privileges.
- CVE-2025-24207CRITICALCVSS 9.8EG 9.82025-03-31
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to enable iCloud storage features without user consent.
- CVE-2025-24234HIGHCVSS 7.8EG 7.82025-03-31
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to gain root privileges.
- CVE-2025-24238CRITICALCVSS 9.8EG 9.82025-03-31
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, watchOS 11.4. An app may be able to gain elevated privileges.
- CVE-2025-24267HIGHCVSS 7.8EG 7.82025-03-31
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
- CVE-2025-24277HIGHCVSS 7.8EG 7.82025-03-31
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
- CVE-2025-24399HIGHCVSS 8.8EG 8.82025-01-22
Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect p…
- CVE-2025-24788MEDIUMCVSS 5.0EG 5.02025-01-29
snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local dir…
- CVE-2025-24790MEDIUMCVSS 4.4EG 4.42025-01-29
Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporar…
- CVE-2025-24795MEDIUMCVSS 4.4EG 4.42025-01-29
The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector f…
- CVE-2025-24826MEDIUMCVSS 6.7EG 6.72025-01-28
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4625.
- CVE-2025-24864HIGHCVSS 7.8EG 7.82025-03-06
Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command …
- CVE-2025-24891CRITICALCVSS 9.6EG 9.62025-01-31
Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to w…
- CVE-2025-24914HIGHCVSS 7.8EG 7.82025-04-18
When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the direct…
- CVE-2025-24915HIGHCVSS 7.8EG 7.82025-03-21
When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secu…
- CVE-2025-2502HIGHCVSS 7.8EG 7.82025-05-30
An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.
- CVE-2025-25535CRITICALCVSS 9.8EG 9.82025-03-26
HTTP Response Manipulation in SCRIPT CASE v.1.0.002 Build7 allows a remote attacker to escalate privileges via a crafted request.
Map vulnerabilities like CWE-276 to your infrastructure
EchelonGraph correlates every CVE — across CWE-276 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →