Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2024-07-16 CVE-2024-6326 Incorrect Default Permissions vulnerability in Rockwellautomation products
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service.
local
low complexity
rockwellautomation CWE-276
5.5
5.5
2024-07-16 CVE-2024-3779 Incorrect Default Permissions vulnerability in Eset products
Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.
local
low complexity
eset CWE-276
5.5
5.5
2024-07-09 CVE-2024-31312 Incorrect Default Permissions vulnerability in Google Android
In multiple locations, there is a possible information leak due to a missing permission check.
local
low complexity
google CWE-276
5.5
5.5
2024-07-09 CVE-2024-22062 Incorrect Default Permissions vulnerability in ZTE Zxcloud Irai
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration.
local
low complexity
zte CWE-276
8.8
8.8
2024-06-12 CVE-2024-37038 Incorrect Default Permissions vulnerability in Schneider-Electric Sage RTU Firmware
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests.
network
low complexity
schneider-electric CWE-276
8.8
8.8
2024-05-16 CVE-2023-24460 Incorrect Default Permissions vulnerability in Intel Graphics Performance Analyzers
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8
2024-05-16 CVE-2023-43629 Incorrect Default Permissions vulnerability in Intel Graphics Performance Analyzers
Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-276
7.8
7.8
2024-04-19 CVE-2024-29962 Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable.
local
low complexity
broadcom CWE-276
5.5
5.5
2024-04-19 CVE-2024-29967 Incorrect Default Permissions vulnerability in Broadcom Brocade Sannav
In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files.
local
low complexity
broadcom CWE-276
6.0
6.0
2024-03-28 CVE-2024-0259 Incorrect Default Permissions vulnerability in Fortra Robot Schedule
Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation.
local
low complexity
fortra CWE-276
7.3
7.3