CWE-279VariantDraft
Incorrect Execution-Assigned Permissions
While it is executing, the product sets the permissions of an object in a way that violates the intended permissions that have been specified by the user.
Open in catalog with CWE filter →Related CAPECs
Related vulnerabilities
CVE-2024-37734An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter.
CVE-2020-8025A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.
CVE-2025-22843Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-4665Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9.
CVE-2025-14025A flaw was found in Ansible Automation Platform (AAP). Read-only scoped OAuth2 API Tokens in AAP, are enforced at the Gateway level for Gateway-specific operations. However, this vulnerability allows read-only tokens to perform write operations on backend services (e.g., Controller, Hub, EDA). If this flaw were exploited, an attacker‘s capabilities would only be limited by role based access controls (RBAC).
CVE-2024-11220A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation.
CVE-2024-25621containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.
CVE-2023-4383A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-23263NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ feature, where an attacker on a VM might cause escalation of privileges and denial of service on the VLAN.
CVE-2025-30001Incorrect Execution-Assigned Permissions vulnerability in Apache StreamPark.
This issue affects Apache StreamPark: from 2.1.4 before 2.1.6.
Users are recommended to upgrade to version 2.1.6, which fixes the issue.
CVE-2026-20062A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files.
This vulnerability is due to improper access controls for Secure Copy Protocol (SCP) operations when the CiscoSSH stack is enabled. An attacker could exploit this vulnerability by authenticating to a non-admin context of the device and issuing crafted SCP copy commands in that non-admin context. A successful exploit could allow the attacker to read, create, or overwrite sensitive files that belong to another context, including the admin and system contexts. The attacker cannot directly impact the availability of services pertaining to other contexts. To exploit this vulnerability, the attacker must have valid administrative credentials for a non-admin context.
Note: An attacker cannot list or enumerate files from another context and would need to know the exact file path, which increases the complexity of a successful attack.
CVE-2023-3915An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. If an external user is given an owner role on any group, that external user may escalate their privileges on the instance by creating a service account in that group. This service account is not classified as external and may be used to access internal projects.
CVE-2023-50914A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy (Beta) 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction parameters sent from GalaxyClient.exe to GalaxyClientService.exe.
CVE-2025-12801A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the
privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exported directory, regardless of the set file permissions, and regardless of any 'root_squash' or 'all_squash' attributes that would normally be expected to apply to that client.
CVE-2026-4948A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication, leading to unauthorized changes in network security configurations.