Vulnerabilities > Improper Privilege Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-06 | CVE-2020-26601 | Improper Privilege Management vulnerability in Google Android An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. | 5.0 |
| 2020-10-05 | CVE-2020-12302 | Improper Privilege Management vulnerability in Intel Driver & Support Assistant Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
| 2020-10-05 | CVE-2020-8223 | Improper Privilege Management vulnerability in multiple products A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than they got assigned themselves. | 6.5 |
| 2020-10-02 | CVE-2020-25776 | Improper Privilege Management vulnerability in Trendmicro Antivirus 2019/2020 Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. | 7.2 |
| 2020-10-02 | CVE-2020-24356 | Improper Privilege Management vulnerability in Cloudflare Cloudflared `cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. | 4.6 |
| 2020-09-29 | CVE-2020-24563 | Improper Privilege Management vulnerability in Trendmicro Apex ONE 2019/Saas A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege escalation and code execution. | 7.2 |
| 2020-09-29 | CVE-2020-24562 | Improper Privilege Management vulnerability in Trendmicro Officescan XG A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. | 7.2 |
| 2020-09-24 | CVE-2020-3396 | Improper Privilege Management vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. | 7.2 |
| 2020-09-23 | CVE-2020-25595 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
| 2020-09-23 | CVE-2020-25826 | Improper Privilege Management vulnerability in Pingidentity Pingid Integration for Windows Login PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe. | 7.2 |