CWE-269
DiscouragedImproper Privilege Management
Abstraction: Class · Status: Draft
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
5444 vulnerabilities reference this CWE, most recent first.
GHSA-F77X-8QMC-HWCV
Vulnerability from github – Published: 2022-05-24 17:35 – Updated: 2025-08-29 00:31, aka 'Windows Backup Engine Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16964.
{
"affected": [],
"aliases": [
"CVE-2020-16963"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-12-10T00:15:00Z",
"severity": "HIGH"
},
"details": ", aka \u0027Windows Backup Engine Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16964.",
"id": "GHSA-f77x-8qmc-hwcv",
"modified": "2025-08-29T00:31:12Z",
"published": "2022-05-24T17:35:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16963"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-16963"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16963"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F787-92XR-XG8Q
Vulnerability from github – Published: 2026-03-02 21:31 – Updated: 2026-03-06 06:30In VBMeta, there is a possible way to modify and resign VBMeta using a test key, assuming the original image was previously signed with the same key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"affected": [],
"aliases": [
"CVE-2025-48613"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-02T19:16:27Z",
"severity": "HIGH"
},
"details": "In VBMeta, there is a possible way to modify and resign VBMeta using a test key, assuming the original image was previously signed with the same key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.",
"id": "GHSA-f787-92xr-xg8q",
"modified": "2026-03-06T06:30:29Z",
"published": "2026-03-02T21:31:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48613"
},
{
"type": "WEB",
"url": "https://source.android.com/docs/security/bulletin/2026/2026-03-01"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2026-03-01"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F789-VPMF-M54P
Vulnerability from github – Published: 2026-01-21 00:31 – Updated: 2026-01-21 00:31Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
{
"affected": [],
"aliases": [
"CVE-2026-21957"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-20T22:15:58Z",
"severity": "HIGH"
},
"details": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).",
"id": "GHSA-f789-vpmf-m54p",
"modified": "2026-01-21T00:31:43Z",
"published": "2026-01-21T00:31:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21957"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F7H3-WHMX-5PQJ
Vulnerability from github – Published: 2022-06-16 00:00 – Updated: 2022-06-25 00:00Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.
{
"affected": [],
"aliases": [
"CVE-2022-31218"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-06-15T19:15:00Z",
"severity": "HIGH"
},
"details": "Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a \"repair\" operation on the product.",
"id": "GHSA-f7h3-whmx-5pqj",
"modified": "2022-06-25T00:00:51Z",
"published": "2022-06-16T00:00:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31218"
},
{
"type": "WEB",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A0305\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch\u0026_ga=2.38192870.478847987.1655218701-372504397.1647012599"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F7WH-X2JR-33HX
Vulnerability from github – Published: 2022-05-24 17:02 – Updated: 2023-01-30 21:30Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
{
"affected": [],
"aliases": [
"CVE-2019-13738"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-12-10T22:15:00Z",
"severity": "MODERATE"
},
"details": "Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.",
"id": "GHSA-f7wh-x2jr-33hx",
"modified": "2023-01-30T21:30:29Z",
"published": "2022-05-24T17:02:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13738"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:4238"
},
{
"type": "WEB",
"url": "https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html"
},
{
"type": "WEB",
"url": "https://crbug.com/1017441"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2020/Jan/27"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202003-08"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2020/dsa-4606"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-F7WM-PR55-WXGM
Vulnerability from github – Published: 2022-05-24 19:20 – Updated: 2022-07-13 00:01Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
{
"affected": [],
"aliases": [
"CVE-2021-30132"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-11-08T14:15:00Z",
"severity": "CRITICAL"
},
"details": "Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.",
"id": "GHSA-f7wm-pr55-wxgm",
"modified": "2022-07-13T00:01:18Z",
"published": "2022-05-24T19:20:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-30132"
},
{
"type": "WEB",
"url": "https://docs.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html"
},
{
"type": "WEB",
"url": "https://my.cloudera.com/knowledge/TSB-2021-491-Authorization-Bypass-in-Cloudera-Manager?id=314482"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F842-4GQM-2CPG
Vulnerability from github – Published: 2023-04-28 15:30 – Updated: 2024-04-04 03:43Insecure Permissions vulnerability found in MagicJack A921 USB Phone Jack Rev 3.0 v.1.4 allows a physically proximate attacker to escalate privileges and gain access to sensitive information via the NAND flash memory.
{
"affected": [],
"aliases": [
"CVE-2023-30024"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-28T13:15:13Z",
"severity": "MODERATE"
},
"details": "Insecure Permissions vulnerability found in MagicJack A921 USB Phone Jack Rev 3.0 v.1.4 allows a physically proximate attacker to escalate privileges and gain access to sensitive information via the NAND flash memory.",
"id": "GHSA-f842-4gqm-2cpg",
"modified": "2024-04-04T03:43:33Z",
"published": "2023-04-28T15:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30024"
},
{
"type": "WEB",
"url": "https://drive.google.com/drive/folders/1cKd8hksThK610GPtBQ3du8DEkwKywlAi?usp=sharing"
},
{
"type": "WEB",
"url": "https://pastebin.com/raw/irWcawp8"
},
{
"type": "WEB",
"url": "https://samuraisecurity.co.uk/red-teaming-0x01-click-rce-via-voip-usb"
},
{
"type": "WEB",
"url": "https://www.magicjack.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F87G-RQHG-RQ8R
Vulnerability from github – Published: 2021-12-16 00:01 – Updated: 2024-08-01 15:31Windows Setup Elevation of Privilege Vulnerability
{
"affected": [],
"aliases": [
"CVE-2021-43237"
],
"database_specific": {
"cwe_ids": [
"CWE-269",
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-15T15:15:00Z",
"severity": "HIGH"
},
"details": "Windows Setup Elevation of Privilege Vulnerability",
"id": "GHSA-f87g-rqhg-rq8r",
"modified": "2024-08-01T15:31:16Z",
"published": "2021-12-16T00:01:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43237"
},
{
"type": "WEB",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43237"
},
{
"type": "WEB",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-018"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F8CQ-8HF3-3HW9
Vulnerability from github – Published: 2022-08-05 00:00 – Updated: 2022-08-11 00:00In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
{
"affected": [],
"aliases": [
"CVE-2022-33962"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-08-04T18:15:00Z",
"severity": "MODERATE"
},
"details": "In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, certain iRules commands may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.",
"id": "GHSA-f8cq-8hf3-3hw9",
"modified": "2022-08-11T00:00:19Z",
"published": "2022-08-05T00:00:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33962"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K80970653"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-F8HH-555P-7C36
Vulnerability from github – Published: 2022-05-13 01:46 – Updated: 2022-05-13 01:46An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automatically logs in as admin. This allows sniffing sensitive information identified in CVE-2017-6341 without prior knowledge of the password. This is a different vulnerability than CVE-2013-6117.
{
"affected": [],
"aliases": [
"CVE-2017-6342"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-02-27T07:59:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen, the software in the background automatically logs in as admin. This allows sniffing sensitive information identified in CVE-2017-6341 without prior knowledge of the password. This is a different vulnerability than CVE-2013-6117.",
"id": "GHSA-f8hh-555p-7c36",
"modified": "2022-05-13T01:46:31Z",
"published": "2022-05-13T01:46:31Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6342"
},
{
"type": "WEB",
"url": "https://nullku7.github.io/stuff/exposure/dahua/2017/02/24/dahua-nvr.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/96454"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-48
Strategy: Separation of Privilege
Follow the principle of least privilege when assigning access rights to entities in a software system.
Mitigation MIT-49
Strategy: Separation of Privilege
Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
CAPEC-122: Privilege Abuse
An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-58: Restful Privilege Elevation
An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.