Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-28 | CVE-2021-3579 | Incorrect Default Permissions vulnerability in Bitdefender Endpoint Security Tools and Total Security Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. | 4.6 |
| 2021-10-28 | CVE-2021-22475 | Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI There is an Improper permission management vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | 5.0 |
| 2021-10-28 | CVE-2021-36989 | Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI There is a Kernel crash vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions. | 7.5 |
| 2021-10-28 | CVE-2021-36990 | Incorrect Default Permissions vulnerability in Huawei Emui and Magic UI There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful exploitation of this vulnerability may escalate permissions. | 7.5 |
| 2021-10-27 | CVE-2021-38379 | Incorrect Default Permissions vulnerability in Northern.Tech Cfengine The Hub in CFEngine Enterprise 3.6.7 through 3.18.0 has Insecure Permissions that allow local Information Disclosure. | 2.1 |
| 2021-10-26 | CVE-2021-37363 | Incorrect Default Permissions vulnerability in Gestionaleopen Gestionale Open 11.00.00 An Insecure Permissions issue exists in Gestionale Open 11.00.00. | 9.3 |
| 2021-10-21 | CVE-2021-42011 | Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019 An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. | 4.6 |
| 2021-10-21 | CVE-2021-40123 | Incorrect Default Permissions vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted. | 6.5 |
| 2021-10-18 | CVE-2021-42055 | Incorrect Default Permissions vulnerability in Asus Ux582Lr Firmware ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker. | 4.6 |
| 2021-10-18 | CVE-2021-42098 | Incorrect Default Permissions vulnerability in Devolutions Remote Desktop Manager An incomplete permission check on entries in Devolutions Remote Desktop Manager before 2021.2.16 allows attackers to bypass permissions via batch custom PowerShell. | 6.5 |