
CWE-279

Incorrect Execution-Assigned Permissions

10 CVEs | Avg CVSS 6.0 | MITRE
Severity: 0 Critical, 4 High, 5 Medium, 1 Low | 0 PoC | 0 KEV

CVE-2026-4948 MEDIUM PATCH This Month

Firewalld on Red Hat Enterprise Linux 7, 8, 9, and 10, as well as OpenShift Container Platform 4, contains an authentication bypass vulnerability in two D-Bus setters (setZoneSettings2 and setPolicySettings) that allows local unprivileged users to modify runtime firewall configurations without proper authorization. An authenticated local attacker can exploit this to change network security policies, potentially enabling lateral movement or service disruption. No public exploit code has been identified at the time of analysis, though Red Hat has issued security advisories (CVE-2026-4948, Bugzilla #2452086).

Tags: Authentication Bypass, Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, +1 more
Sources: NVD, VulDB
CVSS 3.1: 5.5 | EPSS: 0.0%

CVE-2026-20062 HIGH This Week

Cisco Secure Firewall ASA in multi-context mode contains an access control bypass in SCP operations that allows authenticated local administrators of one context to read, modify, or create files in other contexts, including sensitive admin and system configuration files. The vulnerability stems from improper validation of cross-context file access when the CiscoSSH stack is enabled. No patch is currently available for this high-severity flaw.

Tags: Cisco
Sources: NVD
CVSS 3.1: 7.2 | EPSS: 0.0%

CVE-2025-12801 MEDIUM PATCH This Month

A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux that allows an NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. [CVSS 6.5 MEDIUM]

Tags: Privilege Escalation, Enterprise Linux, Nfs Utils, Openshift Container Platform
Sources: NVD
CVSS 3.1: 6.5 | EPSS: 0.0%

CVE-2025-14025 HIGH PATCH This Week

A flaw was found in Ansible Automation Platform (AAP). Read-only scoped OAuth2 API tokens in AAP are enforced at the Gateway level for Gateway-specific operations. [CVSS 8.5 HIGH]

Tags: Information Disclosure, Red Hat
Sources: NVD
CVSS 3.1: 8.5 | EPSS: 0.0%

CVE-2024-25621 Go HIGH PATCH This Month

containerd is an open-source container runtime. Rated high severity (CVSS 7.3), this vulnerability has low attack complexity.

Tags: Information Disclosure, Red Hat, Suse, Containerd
Sources: NVD, GitHub
CVSS 3.1: 7.3 | EPSS: 0.0%

CVE-2025-26422 MEDIUM PATCH Monitor

In dump of WindowManagerService.java, there is a possible way of running dumpsys without the required permission due to a missing permission check. Rated medium severity (CVSS 4.0), this vulnerability requires no authentication and has low attack complexity.

Tags: Privilege Escalation, Google, Android
Sources: NVD
CVSS 3.1: 4.0 | EPSS: 0.0%

CVE-2025-23233 MEDIUM This Month

Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.1), this vulnerability has low attack complexity. No vendor patch available.

Tags: Privilege Escalation, Intel
Sources: NVD
CVSS 4.0: 5.1 | EPSS: 0.1%

CVE-2025-22843 HIGH This Week

Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.8). No vendor patch available.

Tags: Privilege Escalation, Intel
Sources: NVD
CVSS 4.0: 8.8 | EPSS: 0.0%

CVE-2025-20612 MEDIUM This Month

Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.1), this vulnerability has low attack complexity. No vendor patch available.

Tags: Privilege Escalation, Intel
Sources: NVD
CVSS 4.0: 5.1 | EPSS: 0.1%

CVE-2024-39286 LOW Monitor

Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable. Rated low severity (CVSS 2.0), this vulnerability has low attack complexity. No vendor patch available.

Tags: Information Disclosure, Linux, Intel, Linux Kernel
Sources: NVD
CVSS 4.0: 2.0 | EPSS: 0.0%
