Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

CVEs (2,753)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-9038 - - Sep 22, 2025 Sep 22, 2025 7.5 HIGH· v4 N/A· v3 N/A· v2 Improper Privilege Management vulnerability in GE Vernova S1 Agile Configuration Software on Windows allows Privilege Escalation.This issue affects S1 Agile Configuration Software: 3.1 and previous version.
CVE-2025-57396 1Tandoor 1Recipes Oct 3, 2025 Sep 19, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation. This is due to the rework of the API, which resulted in the User Profile API Endpoint containing two boolean values indicating...Show more Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation. This is due to the rework of the API, which resulted in the User Profile API Endpoint containing two boolean values indicating whether a user is staff or administrative. Consequently, any user can escalate their privileges to the highest level.Show less
CVE-2025-54761 1Yandaozi 1Ppress Sep 25, 2025 Sep 19, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 An issue was discovered in PPress 0.0.9 allowing attackers to gain escilated privlidges via crafted session cookie.
CVE-2025-34204 1Vasion 2Virtual Appliance Application Virtual Appliance Host Sep 24, 2025 Sep 19, 2025 8.7 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) contains multiple Docker containers that run primary application processes (for example PHP workers, Node.js servers a...Show more Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA and SaaS deployments) contains multiple Docker containers that run primary application processes (for example PHP workers, Node.js servers and custom binaries) as the root user. This increases the blast radius of a container compromise and enables lateral movement and host compromise when a container is breached.Show less
CVE-2025-10650 - - Feb 20, 2026 Sep 18, 2025 1.8 LOW· v4 N/A· v3 N/A· v2 SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-prod...Show more SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 and 2.6.3. No generally available (GA) or customer-released production builds were affected. There is no evidence that this issue was exposed in customer environments or production deployments.Show less
CVE-2025-58432 1Zimaspace 1Zimaos Sep 22, 2025 Sep 17, 2025 5.2 MEDIUM· v4 7.8 HIGH· v3 N/A· v2 ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and all prior versions, the /v2_1/files/file/uploadV2 endpoint allows file upload from ANY USER who has acce...Show more ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and all prior versions, the /v2_1/files/file/uploadV2 endpoint allows file upload from ANY USER who has access to localhost. File uploads are performed AS ROOT.Show less
CVE-2025-37123 - - Sep 17, 2025 Sep 16, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation of this vulnerability may ena...Show more A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to escalate privileges. Successful exploitation of this vulnerability may enable the attacker to execute arbitrary system commands with root privileges on the underlying operating system.Show less
CVE-2025-34187 1Ilevia 1Eve X1 Server Firmware Sep 25, 2025 Sep 16, 2025 9.3 CRITICAL· v4 8.8 HIGH· v3 N/A· v2 Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible...Show more Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads. Execution with sudo grants full root access, resulting in remote privilege escalation and potential system compromise.Show less
CVE-2025-43333 1Apple 1Macos Nov 3, 2025 Sep 15, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to gain root privileges.
CVE-2025-57118 1Phpgurukul 1Online Library Management System Sep 18, 2025 Sep 15, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in PHPGurukul Online-Library-Management-System v3.0 allows an attacker to escalate privileges via the index.php
CVE-2025-9059 - - Sep 11, 2025 Sep 11, 2025 8.8 HIGH· v4 N/A· v3 N/A· v2 The Altiris Core Agent Updater package (AeXNSC.exe) is prone to an elevation of privileges vulnerability through DLL hijacking.
CVE-2025-50892 1Easeus 1Eudskacs.sys Driver Oct 20, 2025 Sep 10, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This allows a local, low-privi...Show more The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive information disclosure, denial of service, or local privilege escalation.Show less
CVE-2025-53914 - - Sep 12, 2025 Sep 9, 2025 7.0 HIGH· v4 N/A· v3 N/A· v2 Excessive Privileges vulnerability in Calix GigaCenter ONT (Broadcom SoC modules) allows Privilege Abuse.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE, 812G, 813G, 818G.
CVE-2025-53913 - - Sep 12, 2025 Sep 9, 2025 7.0 HIGH· v4 N/A· v3 N/A· v2 Excessive Privileges vulnerability in Calix GigaCenter ONT (Quantenna SoC modules) allows Privilege Abuse.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE, 812G, 813G, 818G.
CVE-2025-52915 - - Sep 10, 2025 Sep 9, 2025 N/A· v4 7.2 HIGH· v3 N/A· v2 K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is c...Show more K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabling unauthorized processes to perform those actions in kernel space. Successful exploitation can lead to denial of service by disrupting critical third-party services or applications.Show less
CVE-2025-40594 1Siemens 3Sinamics G220 Firmware Sinamics S200 FirmwareSinamics S210 Firmware Mar 10, 2026 Sep 9, 2025 6.9 MEDIUM· v4 9.8 CRITICAL· v3 N/A· v2 A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions < V6.4 HF7), SINAMICS S210 V6.4 (All versions < V6.4 HF2). The affected devices allow a factory reset...Show more A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions < V6.4 HF7), SINAMICS S210 V6.4 (All versions < V6.4 HF2). The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as well as manipulation of configuration data because of leaked privileges of previous sessions. This could allow an unauthorized attacker to escalate their privileges.Show less
CVE-2025-43722 1Dell 1Powerscale Onefs Feb 20, 2026 Sep 8, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation...Show more Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper privilege management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.Show less
CVE-2025-32345 1Google 1Android Sep 8, 2025 Sep 4, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could l...Show more In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-26462 1Google 1Android Sep 8, 2025 Sep 4, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In AccessibilityServiceConnection.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. Us...Show more In AccessibilityServiceConnection.java, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-26435 1Google 1Android Sep 29, 2025 Sep 4, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could l...Show more In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less

Previous 1...181920...138 Next