Vulnerabilities > Incorrect Permission Assignment for Critical Resource
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-17 | CVE-2020-28914 | Incorrect Permission Assignment for Critical Resource vulnerability in Katacontainers Kata-Containers An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. | 7.1 |
| 2020-11-12 | CVE-2020-24525 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-12 | CVE-2019-11121 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel Media SDK 2018 Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version 2019 R1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2020-11-11 | CVE-2020-16990 | Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft Azure Sphere Azure Sphere Information Disclosure Vulnerability | 6.2 |
| 2020-11-10 | CVE-2020-24367 | Incorrect Permission Assignment for Critical Resource vulnerability in Bluestacks Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user. | 7.8 |
| 2020-11-10 | CVE-2020-28055 | Incorrect Permission Assignment for Critical Resource vulnerability in TCL products A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows a local unprivileged attacker, such as a malicious App, to read & write to the /data/vendor/tcl, /data/vendor/upgrade, and /var/TerminalManager directories within the TV file system. | 7.8 |
| 2020-11-06 | CVE-2020-3595 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. | 7.8 |
| 2020-11-06 | CVE-2020-17490 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions. | 5.5 |
| 2020-11-06 | CVE-2020-15708 | Incorrect Permission Assignment for Critical Resource vulnerability in Canonical Ubuntu Linux 20.04 Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. | 7.8 |
| 2020-11-02 | CVE-2020-27992 | Incorrect Permission Assignment for Critical Resource vulnerability in Wondershare Dr.Fone 3.0.0 Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users. | 7.8 |