Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-20 | CVE-2022-29527 | Incorrect Permission Assignment for Critical Resource vulnerability in Amazon SSM Agent Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. | 7.0 |
| 2022-04-13 | CVE-2022-22960 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. | 7.8 |
| 2022-04-12 | CVE-2022-23448 | Incorrect Permission Assignment for Critical Resource vulnerability in Siemens products A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1), SIMATIC Energy Manager PRO (All versions < V7.3 Update 1). | 7.8 |
| 2022-04-11 | CVE-2022-1316 | Incorrect Permission Assignment for Critical Resource vulnerability in Zerotier Zerotierone Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. | 7.8 |
| 2022-04-11 | CVE-2022-0556 | Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel AP Configurator 1.1.4 A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator. | 7.8 |
| 2022-04-07 | CVE-2022-22516 | Incorrect Permission Assignment for Critical Resource vulnerability in Codesys products The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space. | 7.8 |
| 2022-04-06 | CVE-2022-26250 | Incorrect Permission Assignment for Critical Resource vulnerability in Synametrics Synaman Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges. | 7.8 |
| 2022-04-05 | CVE-2022-26281 | Incorrect Permission Assignment for Critical Resource vulnerability in Bigantsoft Bigant Server 5.6.06 BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue. | 7.5 |
| 2022-03-30 | CVE-2022-23869 | Incorrect Permission Assignment for Critical Resource vulnerability in Ruoyi 4.7.2 In RuoYi v4.7.2 through the WebUI, user test1 does not have permission to reset the password of user test3, but the password of user test3 can be reset through the /system/user/resetPwd request. | 6.5 |
| 2022-03-29 | CVE-2022-22941 | Incorrect Permission Assignment for Critical Resource vulnerability in Saltstack Salt An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. | 8.8 |