Common Weakness Enumeration

CWE-269

Discouraged

Improper Privilege Management

Abstraction: Class · Status: Draft

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

5447 vulnerabilities reference this CWE, most recent first.

GHSA-Q23C-MJCP-8VJ6

Vulnerability from github – Published: 2022-05-24 17:38 – Updated: 2022-05-24 17:38
VLAI
Details

Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-8275"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-01-06T21:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device.",
  "id": "GHSA-q23c-mjcp-8vj6",
  "modified": "2022-05-24T17:38:07Z",
  "published": "2022-05-24T17:38:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8275"
    },
    {
      "type": "WEB",
      "url": "https://support.citrix.com/article/CTX286763"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-Q256-27JP-5FX9

Vulnerability from github – Published: 2022-01-12 00:00 – Updated: 2024-11-14 21:31
VLAI
Details

Windows System Launcher Elevation of Privilege Vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-21866"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-01-11T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Windows System Launcher Elevation of Privilege Vulnerability.",
  "id": "GHSA-q256-27jp-5fx9",
  "modified": "2024-11-14T21:31:45Z",
  "published": "2022-01-12T00:00:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21866"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21866"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21866"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q29X-RCPR-GGQM

Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33
VLAI
Details

Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-24367"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-11-10T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user.",
  "id": "GHSA-q29x-rcpr-ggqm",
  "modified": "2022-05-24T17:33:55Z",
  "published": "2022-05-24T17:33:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24367"
    },
    {
      "type": "WEB",
      "url": "https://support.bluestacks.com/hc/en-us/articles/360051471652--Bluestacks-update-fixes-vulnerabilities"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-Q2J8-G836-9CV5

Vulnerability from github – Published: 2023-02-03 21:30 – Updated: 2023-02-15 18:30
VLAI
Details

VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-20854"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-03T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim\u0027s machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.",
  "id": "GHSA-q2j8-g836-9cv5",
  "modified": "2023-02-15T18:30:21Z",
  "published": "2023-02-03T21:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20854"
    },
    {
      "type": "WEB",
      "url": "https://www.vmware.com/security/advisories/VMSA-2023-0003.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q2MG-H8MW-6FVW

Vulnerability from github – Published: 2022-11-23 18:30 – Updated: 2022-11-29 21:30
VLAI
Details

Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-40772"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-11-23T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.",
  "id": "GHSA-q2mg-h8mw-6fvw",
  "modified": "2022-11-29T21:30:26Z",
  "published": "2022-11-23T18:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40772"
    },
    {
      "type": "WEB",
      "url": "https://manageengine.com"
    },
    {
      "type": "WEB",
      "url": "https://www.manageengine.com/products/service-desk/CVE-2022-40772.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q2MW-237C-CPJV

Vulnerability from github – Published: 2022-05-24 17:22 – Updated: 2022-05-24 17:22
VLAI
Details

In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. After that, the attacker can re-start this service as an unprivileged user to escalate his/her privileges and run commands on the machine with SYSTEM rights.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-11827"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-14T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. After that, the attacker can re-start this service as an unprivileged user to escalate his/her privileges and run commands on the machine with SYSTEM rights.",
  "id": "GHSA-q2mw-237c-cpjv",
  "modified": "2022-05-24T17:22:50Z",
  "published": "2022-05-24T17:22:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11827"
    },
    {
      "type": "WEB",
      "url": "https://fatihhcelik.blogspot.com/2020/04/gog-galaxy-desktop-app-local-privilege.html"
    },
    {
      "type": "WEB",
      "url": "https://www.gog.com/galaxy"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-Q2RH-FC48-R3GW

Vulnerability from github – Published: 2025-10-21 03:30 – Updated: 2025-10-24 18:30
VLAI
Details

An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7851"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-21T01:15:37Z",
    "severity": "HIGH"
  },
  "details": "An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.",
  "id": "GHSA-q2rh-fc48-r3gw",
  "modified": "2025-10-24T18:30:58Z",
  "published": "2025-10-21T03:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7851"
    },
    {
      "type": "WEB",
      "url": "https://support.omadanetworks.com/en/document/108456"
    },
    {
      "type": "WEB",
      "url": "https://www.forescout.com/blog/new-tp-link-router-vulnerabilities-a-primer-on-rooting-routers"
    },
    {
      "type": "WEB",
      "url": "https://www.omadanetworks.com/us/business-networking/all-omada-router"
    },
    {
      "type": "WEB",
      "url": "https://www.omadanetworks.com/us/business-networking/omada-pro-router-wired-router"
    },
    {
      "type": "WEB",
      "url": "https://www.tp-link.com/us/business-networking/soho-festa-gateway"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-Q33X-4QQR-JWVX

Vulnerability from github – Published: 2022-05-24 17:25 – Updated: 2024-01-04 03:30
VLAI
Details

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Engine Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1535, CVE-2020-1536, CVE-2020-1540, CVE-2020-1541, CVE-2020-1542, CVE-2020-1543, CVE-2020-1544, CVE-2020-1545, CVE-2020-1546, CVE-2020-1547, CVE-2020-1551.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-1539"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-17T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka \u0027Windows Backup Engine Elevation of Privilege Vulnerability\u0027. This CVE ID is unique from CVE-2020-1535, CVE-2020-1536, CVE-2020-1540, CVE-2020-1541, CVE-2020-1542, CVE-2020-1543, CVE-2020-1544, CVE-2020-1545, CVE-2020-1546, CVE-2020-1547, CVE-2020-1551.",
  "id": "GHSA-q33x-4qqr-jwvx",
  "modified": "2024-01-04T03:30:35Z",
  "published": "2022-05-24T17:25:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1539"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1539"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q342-653J-6H3R

Vulnerability from github – Published: 2025-07-30 00:32 – Updated: 2025-11-03 21:34
VLAI
Details

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-43249"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-30T00:15:36Z",
    "severity": "HIGH"
  },
  "details": "A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.",
  "id": "GHSA-q342-653j-6h3r",
  "modified": "2025-11-03T21:34:16Z",
  "published": "2025-07-30T00:32:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43249"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/124149"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/124150"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/124151"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jul/32"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jul/33"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2025/Jul/34"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-Q348-8X26-5676

Vulnerability from github – Published: 2023-01-05 09:30 – Updated: 2023-01-11 18:30
VLAI
Details

A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-43533"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-01-05T07:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. A successful exploit could allow these users to execute arbitrary code with root level privileges on the macOS instance in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below.",
  "id": "GHSA-q348-8x26-5676",
  "modified": "2023-01-11T18:30:32Z",
  "published": "2023-01-05T09:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43533"
    },
    {
      "type": "WEB",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-020.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-49
Architecture and Design

Strategy: Separation of Privilege

Consider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.

CAPEC-122: Privilege Abuse

An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.

CAPEC-233: Privilege Escalation

An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.

CAPEC-58: Restful Privilege Elevation

An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.