Vulnerabilities > Incorrect Permission Assignment for Critical Resource

DATE CVE VULNERABILITY TITLE RISK
2024-06-11 CVE-2024-36821 Incorrect Permission Assignment for Critical Resource vulnerability in Linksys Velop Whw0101 Firmware 1.1.13.202617
Insecure permissions in Linksys Velop WiFi 5 (WHW01v1) 1.1.13.202617 allows attackers to escalate privileges from Guest to root.
low complexity
linksys CWE-732
6.8
2024-06-08 CVE-2024-3668 Incorrect Permission Assignment for Critical Resource vulnerability in Ideabox Powerpack Addons for Elementor
The PowerPack Pro for Elementor plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.10.17.
network
low complexity
ideabox CWE-732
8.8
2024-06-06 CVE-2024-30369 Incorrect Permission Assignment for Critical Resource vulnerability in A10Networks Advanced Core Operating System
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability.
local
low complexity
a10networks CWE-732
7.8
2024-05-16 CVE-2024-21835 Incorrect Permission Assignment for Critical Resource vulnerability in Intel Extreme Tuning Utility
Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-732
7.8
2024-04-19 CVE-2024-29964 Incorrect Permission Assignment for Critical Resource vulnerability in Broadcom Brocade Sannav
Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files.
network
low complexity
broadcom CWE-732
6.5
2024-03-12 CVE-2024-25644 Incorrect Permission Assignment for Critical Resource vulnerability in SAP Netweaver 7.50
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.
network
low complexity
sap CWE-732
5.3
2024-03-12 CVE-2024-28163 Incorrect Permission Assignment for Critical Resource vulnerability in SAP Netweaver Process Integration 7.50
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.
network
low complexity
sap CWE-732
5.3
2024-02-29 CVE-2024-27294 Incorrect Permission Assignment for Critical Resource vulnerability in Danielparks Dp-Golang
dp-golang is a Puppet module for Go installations.
local
low complexity
danielparks CWE-732
7.8
2024-02-16 CVE-2024-21915 Incorrect Permission Assignment for Critical Resource vulnerability in Rockwellautomation Factorytalk Services Platform
A privilege escalation vulnerability exists in Rockwell Automation FactoryTalk® Service Platform (FTSP).
network
low complexity
rockwellautomation CWE-732
8.8
2024-02-14 CVE-2023-33870 Incorrect Permission Assignment for Critical Resource vulnerability in Intel products
Insecure inherited permissions in some Intel(R) Ethernet tools and driver install software may allow an authenticated user to potentially enable escalation of privilege via local access.
local
low complexity
intel CWE-732
7.8