Vulnerabilities > Incorrect Default Permissions
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-24 | CVE-2024-36541 | Incorrect Default Permissions vulnerability in Kube-Logging Logging-Operator 4.6.0 Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | 8.8 |
| 2024-07-22 | CVE-2024-6122 | Incorrect Default Permissions vulnerability in NI Flexlogger and Systemlink An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. | 5.5 |
| 2024-07-16 | CVE-2024-6325 | Incorrect Default Permissions vulnerability in Rockwellautomation Factorytalk Policy Manager 6.40.0 The v6.40 release of Rockwell Automation FactoryTalk® Policy Manager CVE-2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1550.html and CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html by implementing CIP security and did not update to the versions of the software CVE-2022-1161 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN1585.html and CVE-2022-1161. | 6.5 |
| 2024-07-16 | CVE-2024-6326 | Incorrect Default Permissions vulnerability in Rockwellautomation products An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. | 5.5 |
| 2024-07-16 | CVE-2024-3779 | Incorrect Default Permissions vulnerability in Eset products Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met. | 5.5 |
| 2024-07-09 | CVE-2024-31312 | Incorrect Default Permissions vulnerability in Google Android In multiple locations, there is a possible information leak due to a missing permission check. | 5.5 |
| 2024-07-09 | CVE-2024-22062 | Incorrect Default Permissions vulnerability in ZTE Zxcloud Irai There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate non-administrator permissions to administrator permissions by modifying the configuration. | 8.8 |
| 2024-06-12 | CVE-2024-37038 | Incorrect Default Permissions vulnerability in Schneider-Electric Sage RTU Firmware CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when crafting custom web requests. | 8.8 |
| 2024-05-16 | CVE-2023-24460 | Incorrect Default Permissions vulnerability in Intel Graphics Performance Analyzers Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2024-05-16 | CVE-2023-43629 | Incorrect Default Permissions vulnerability in Intel Graphics Performance Analyzers Incorrect default permissions in some Intel(R) GPA software installers before version 2023.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |