Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-27 | CVE-2022-43702 | Incorrect Default Permissions vulnerability in ARM products When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code. | 7.8 |
2023-07-18 | CVE-2020-36695 | Incorrect Default Permissions vulnerability in Hitachi products Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08. | 7.8 |
2023-07-11 | CVE-2023-29131 | Incorrect Default Permissions vulnerability in Siemens Simatic CN 4100 A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). | 10.0 |
2023-06-28 | CVE-2023-21512 | Incorrect Default Permissions vulnerability in Samsung Android 11.0/12.0/13.0 Improper Knox ID validation logic in notification framework prior to SMR Jun-2023 Release 1 allows local attackers to read work profile notifications without proper access permission. | 3.3 |
2023-06-28 | CVE-2023-20178 | Incorrect Default Permissions vulnerability in Cisco Anyconnect Secure Mobility Client and Secure Client A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. | 7.8 |
2023-06-23 | CVE-2023-23344 | Incorrect Default Permissions vulnerability in Hcltech Bigfix Webui Insights 14 A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. | 6.5 |
2023-06-16 | CVE-2023-25645 | Incorrect Default Permissions vulnerability in ZTE products There is a permission and access control vulnerability in some ZTE AndroidTV STBs. | 7.7 |
2023-06-13 | CVE-2022-33877 | Incorrect Default Permissions vulnerability in Fortinet Forticlient and Forticonverter An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter (Windows) versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the installation folder, if FortiClient or FortiConverter is installed in an insecure folder. | 5.5 |
2023-06-07 | CVE-2023-31116 | Incorrect Default Permissions vulnerability in Samsung Exynos 5123 Firmware and Exynos 5300 Firmware An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. | 9.8 |
2023-06-07 | CVE-2023-33282 | Incorrect Default Permissions vulnerability in Marvalglobal MSM 15.0 Marval MSM through 14.19.0.12476 and 15.0 has a System account with default credentials. | 9.8 |