Vulnerabilities > Incorrect Default Permissions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-11 | CVE-2021-39635 | Incorrect Default Permissions vulnerability in Google Android ims_ex is a vendor system service used to manage VoLTE in unisoc devices,But it does not verify the caller's permissions,so that normal apps (No phone permissions) can obtain some VoLTE sensitive information and manage VoLTE calls.Product: AndroidVersions: Android SoCAndroid ID: A-206492634 | 9.1 |
2022-02-11 | CVE-2021-39658 | Incorrect Default Permissions vulnerability in Google Android ismsEx service is a vendor service in unisoc equipment?ismsEx service is an extension of sms system service,but it does not check the permissions of the caller,resulting in permission leaks?Third-party apps can use this service to arbitrarily modify and set system properties?Product: AndroidVersions: Android SoCAndroid ID: A-207479207 | 9.8 |
2022-02-11 | CVE-2022-23995 | Incorrect Default Permissions vulnerability in Samsung Wear OS Unprotected component vulnerability in StBedtimeModeAlarmReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to change bedtime mode without a proper permission. | 3.3 |
2022-02-11 | CVE-2022-23996 | Incorrect Default Permissions vulnerability in Samsung Wear OS Unprotected component vulnerability in StTheaterModeReceiver in Wear OS 3.0 prior to Firmware update Feb-2022 Release allows untrusted applications to enable bedtime mode without a proper permission. | 3.3 |
2022-02-09 | CVE-2021-0093 | Incorrect Default Permissions vulnerability in multiple products Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access. | 4.4 |
2022-02-09 | CVE-2021-22817 | Incorrect Default Permissions vulnerability in Schneider-Electric products A CWE-276: Incorrect Default Permissions vulnerability exists that could cause unauthorized access to the base installation directory leading to local privilege escalation. | 7.8 |
2022-02-09 | CVE-2021-33129 | Incorrect Default Permissions vulnerability in Intel Advisor Incorrect default permissions in the software installer for the Intel(R) Advisor before version 2021.4.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2022-02-09 | CVE-2021-33166 | Incorrect Default Permissions vulnerability in Intel Retail Experience Tool Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2022-02-09 | CVE-2022-21204 | Incorrect Default Permissions vulnerability in Intel Quartus Prime Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2022-02-04 | CVE-2022-24113 | Incorrect Default Permissions vulnerability in Acronis products Local privilege escalation due to excessive permissions assigned to child processes. | 7.8 |