CWE-520— .NET Misconfiguration: Use of Impersonation
Allowing a .NET application to run at potentially escalated levels of access to the underlying operating and file systems can be dangerous and result in various forms of attacks.— MITRE CWE catalog
3 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-520page 1 of 1
- CVE-2019-25608HIGHCVSS 8.4EG 8.42026-03-22
Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configure backup jobs to execute malicious bat…
- CVE-2024-46943HIGHCVSS 7.5EG 4.32024-09-15
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cl…
- CVE-2026-2450HIGHCVSS 7.4EG 7.42026-04-14
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0.
Map vulnerabilities like CWE-520 to your infrastructure
EchelonGraph correlates every CVE — across CWE-520 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →