Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CVEs (1,663)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-22566 1Google 1Fuchsia Nov 21, 2024 Jan 18, 2022 5.1 MEDIUM· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability r...Show more An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead to privileged executable pages being mapped as executable from an unprivileged context. This can be leveraged by an attacker to bypass executability restrictions of kernel-mode pages from user-mode. An incorrect setting of PXN bits within mmu_flags_to_s1_pte_attr lead to unprivileged executable pages being mapped as executable from a privileged context. This can be leveraged by an attacker to bypass executability restrictions of user-mode pages from kernel-mode. Typically this allows a potential attacker to circumvent a mitigation, making exploitation of potential kernel-mode vulnerabilities easier. We recommend updating kernel beyond commit 7d731b4e9599088ac3073956933559da7bca6a00 and rebuilding.Show less
CVE-2021-39627 1Google 1Android Nov 21, 2024 Jan 14, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges need...Show more In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126549Show less
CVE-2021-39621 1Google 1Android Nov 21, 2024 Jan 14, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges need...Show more In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126319Show less
CVE-2022-22988 1Westerndigital 1Edgerover Feb 24, 2026 Jan 13, 2022 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to now traverse through the files and directo...Show more File and directory permissions have been corrected to prevent unintended users from modifying or accessing resources. It would be more difficult for an authenticated attacker to now traverse through the files and directories. This can only be exploited once an attacker has already found a way to get authenticated access to the device.Show less
CVE-2022-23132 2Fedoraproject Zabbix 2Fedora Zabbix Nov 3, 2025 Jan 13, 2022 N/A· v4 7.3 HIGH· v3 7.5 HIGH· v2 During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permi...Show more During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system levelShow less
CVE-2021-44466 1Leap 1Bitmask Riseup Vpn Nov 21, 2024 Dec 30, 2021 N/A· v4 7.3 HIGH· v3 4.6 MEDIUM· v2 Bitmask Riseup VPN 0.21.6 contains a local privilege escalation flaw due to improper access controls. When the software is installed with a non-default installation directory off of the system root, the installer fails t...Show more Bitmask Riseup VPN 0.21.6 contains a local privilege escalation flaw due to improper access controls. When the software is installed with a non-default installation directory off of the system root, the installer fails to properly set ACLs. This allows lower privileged users to replace the VPN executable with a malicious one. When a higher privileged user such as an Administrator launches that executable, it is possible for the lower privileged user to escalate to Administrator privileges.Show less
CVE-2021-20172 1Netgear 1Genie Installer Nov 21, 2024 Dec 30, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious ac...Show more All known versions of the Netgear Genie Installer for macOS contain a local privilege escalation vulnerability. The installer of the macOS version of Netgear Genie handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which the software is going to be installed may overwrite certain files to obtain privilege escalation to root.Show less
CVE-2021-20874 1Groupsession 1Groupsession Nov 21, 2024 Dec 24, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote...Show more Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to access arbitrary files on the server and obtain sensitive information via unspecified vectors.Show less
CVE-2021-27445 1Mesalabs 1Amegaview Nov 21, 2024 Dec 21, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited to escalate privileges on the device.
CVE-2021-35248 1Solarwinds 1Orion Platform Nov 21, 2024 Dec 20, 2021 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.
CVE-2021-0904 1Google 1Android Nov 21, 2024 Dec 15, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi...Show more In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938.Show less
CVE-2021-42309 1Microsoft 3Sharepoint Enterprise Server Sharepoint FoundationSharepoint Server Nov 21, 2024 Dec 15, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-43065 1Fortinet 1Fortinac Nov 21, 2024 Dec 9, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system da...Show more A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data.Show less
CVE-2021-36133 2Linaro Trustedfirmware 2Op Tee Op Tee Jun 5, 2026 Dec 7, 2021 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Sec...Show more The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral.Show less
CVE-2021-44512 1Tmate 1Tmate Ssh Server Nov 21, 2024 Dec 7, 2021 N/A· v4 7.0 HIGH· v3 4.4 MEDIUM· v2 World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only sessi...Show more World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory.Show less
CVE-2021-43034 1Kaseya 1Unitrends Backup Nov 21, 2024 Dec 6, 2021 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation.
CVE-2021-43359 1Sun 1Ehrd Nov 21, 2024 Dec 1, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary co...Show more Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access account management page after being authenticated as a general user, then perform privilege escalation to execute arbitrary code and control the system or interrupt services.Show less
CVE-2021-40101 1Concretecms 1Concrete Cms Nov 21, 2024 Nov 30, 2021 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user's password to be changed without a prompt for the current password.
CVE-2021-44230 1Portswigger 1Burp Suite Nov 21, 2024 Nov 30, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for the embedded H2 database, which might lead to privilege escalation. This issue can be exploited by an adversary who has al...Show more PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows has weak file permissions for the embedded H2 database, which might lead to privilege escalation. This issue can be exploited by an adversary who has already compromised a valid Windows account on the server via separate means. In this scenario, the compromised account may have inherited read access to sensitive configuration, database, and log files.Show less
CVE-2021-43998 1Hashicorp 1Vault Nov 21, 2024 Nov 30, 2021 N/A· v4 6.5 MEDIUM· v3 5.5 MEDIUM· v2 HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, po...Show more HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 templated ACL policies would always match the first-created entity alias if multiple entity aliases exist for a specified entity and mount combination, potentially resulting in incorrect policy enforcement. Fixed in Vault and Vault Enterprise 1.7.6, 1.8.5, and 1.9.0.Show less

Previous 1...383940...84 Next