Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2022-23996 Incorrect Default Permissions vulnerability in Samsung Wear OS
Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission.
network
samsung CWE-276
4.3
4.3
2022-02-09 CVE-2021-0093 Incorrect Default Permissions vulnerability in multiple products
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.
local
low complexity
intel netapp CWE-276
2.1
2.1
2022-02-09 CVE-2021-22817 Incorrect Default Permissions vulnerability in Schneider-Electric products
A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation.
local
low complexity
schneider-electric CWE-276
4.6
4.6
2022-02-09 CVE-2021-33129 Incorrect Default Permissions vulnerability in Intel Advisor
Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
4.6
4.6
2022-02-09 CVE-2021-33166 Incorrect Default Permissions vulnerability in Intel Retail Experience Tool
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-276
2.1
2.1
2022-02-09 CVE-2022-21204 Incorrect Default Permissions vulnerability in Intel Quartus Prime
Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
4.6
4.6
2022-02-04 CVE-2022-24113 Incorrect Default Permissions vulnerability in Acronis products
Local privilege escalation due to excessive permissions assigned to child processes.
local
low complexity
acronis CWE-276
4.6
4.6
2022-02-02 CVE-2022-24301 Incorrect Default Permissions vulnerability in multiple products
In Minetest before 5.4.0, players can add or subtract items from a different player's inventory.
network
low complexity
minetest debian CWE-276
6.4
6.4
2022-02-01 CVE-2021-46093 Incorrect Default Permissions vulnerability in Elitecms Elite CMS 1.0
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.
network
low complexity
elitecms CWE-276
7.5
7.5
2022-01-28 CVE-2021-40388 Incorrect Default Permissions vulnerability in Advantech SQ Manager 1.0.6
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6.
local
low complexity
advantech CWE-276
7.2
7.2