Skip to main content

Privilege Escalation

auth HIGH

Privilege escalation occurs when an attacker leverages flaws in access control mechanisms to gain permissions beyond what they were originally granted.

How It Works

Privilege escalation occurs when an attacker leverages flaws in access control mechanisms to gain permissions beyond what they were originally granted. The attack exploits the gap between what the system thinks a user can do and what they actually can do through manipulation or exploitation.

Vertical escalation is the classic form—a regular user obtaining administrator rights. This happens through kernel exploits that bypass OS-level security, misconfigurations in role-based access control (RBAC) that fail to enforce boundaries, or direct manipulation of authorization tokens and session data. Horizontal escalation involves accessing resources belonging to users at the same privilege level, typically through insecure direct object references (IDOR) where changing an ID in a request grants access to another user's data.

Context-dependent escalation exploits workflow logic by skipping authorization checkpoints. An attacker might access administrative URLs directly without going through proper authentication flows, manipulate parameters to bypass permission checks, or exploit REST API endpoints that don't validate method permissions—like a read-only GET permission that can be leveraged for write operations through protocol upgrades or alternative endpoints.

Impact

  • Full system compromise through kernel-level exploits granting root or SYSTEM privileges
  • Administrative control over applications, allowing configuration changes, user management, and deployment of malicious code
  • Lateral movement across cloud infrastructure, containers, or network segments using escalated service account permissions
  • Data exfiltration by accessing databases, file systems, or API endpoints restricted to higher privilege levels
  • Persistence establishment through creation of backdoor accounts or modification of system configurations

Real-World Examples

Kubernetes clusters have been compromised through kubelet API misconfigurations where read-only GET permissions on worker nodes could be escalated to remote code execution. Attackers upgraded HTTP connections to WebSockets to access the /exec endpoint, gaining shell access to all pods on the node. This affected over 69 Helm charts including widely-deployed monitoring tools like Prometheus, Grafana, and Datadog agents.

Windows Print Spooler vulnerabilities (PrintNightmare class) allowed authenticated users to execute arbitrary code with SYSTEM privileges by exploiting improper privilege checks in the print service. Attackers loaded malicious DLLs through carefully crafted print jobs, escalating from low-privilege user accounts to full domain administrator access.

Cloud metadata services have been exploited where SSRF vulnerabilities combined with over-permissioned IAM roles allowed attackers to retrieve temporary credentials with elevated permissions, pivoting from compromised web applications to broader cloud infrastructure access.

Mitigation

  • Enforce deny-by-default access control where permissions must be explicitly granted rather than implicitly allowed
  • Implement consistent authorization checks at every layer—API gateway, application logic, and data access—never relying on client-side or single-point validation
  • Apply principle of least privilege with time-limited, scope-restricted permissions and just-in-time access for administrative functions
  • Audit permission inheritance and role assignments regularly to identify overly permissive configurations or privilege creep
  • Separate execution contexts using containers, sandboxes, or capability-based security to limit blast radius
  • Deploy runtime monitoring for unusual privilege usage patterns and anomalous access to restricted resources

Recent CVEs (13302)

EPSS 0% CVSS 8.0
HIGH This Week

In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free +3
NVD
EPSS 0% CVSS 7.2
HIGH This Month

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Month

The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Week

Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ris 9160 Firmware Ris 9260 Firmware
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

An issue was discovered in Mahara 23.04.8 and 24.04.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Mahara
NVD
EPSS 0% CVSS 4.8
MEDIUM Monitor

The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency,. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Apple Privilege Escalation +1
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM Monitor

The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency,. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Apple Privilege Escalation +1
NVD
EPSS 0% CVSS 4.8
MEDIUM Monitor

The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC (Transparency,. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Apple Privilege Escalation +1
NVD
EPSS 0% CVSS 8.8
HIGH This Month

The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Month

Langflow is a tool for building and deploying AI-powered agents and workflows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Langflow
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation D-Link Dsl 7740C Firmware
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Apache Cassandra +1
NVD
EPSS 0% CVSS 7.3
HIGH This Month

An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows
NVD
EPSS 0% CVSS 7.3
HIGH POC This Month

D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE D-Link Privilege Escalation +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Insufficient privilege verification in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows authenticated attackers to create accounts with elevated. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Smart Deploy
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP Privilege Escalation Openmediavault
NVD GitHub
EPSS 0% CVSS 7.8
HIGH This Month

IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Qradar Incident Forensics +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

MCSManager 10.5.3 daemon process runs as a root account by default, and its sensitive data (including tokens and terminal content) is stored in the data directory, readable by all users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC This Month

Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows attackers to arbitrarily reset user account passwords and execute a horizontal privilege escalation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation Java +1
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 before 6.4.0 P20, 7.0.1 P12, and 7.2.0 P08 allows an authenticated, unprivileged attacker to achieve. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Privilege Escalation Information Disclosure
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Month

Multiple Incorrect Permission Assignment for Critical Resource in UISP Application may allow a malicious actor with certain permissions to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 7.3
HIGH This Month

AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Backupper Workstation
NVD
EPSS 0% CVSS 8.1
HIGH This Week

There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.5
HIGH This Week

The StrongDM Windows service incorrectly handled communication related to system certificate management. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Windows
NVD
EPSS 0% CVSS 8.5
HIGH This Week

The StrongDM Windows service incorrectly handled input validation. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Microsoft Privilege Escalation +1
NVD
EPSS 0% CVSS 8.4
HIGH This Month

arbitrary code execution when a privileged engineer user with console access modifies a configuration file used by a root-level daemon to execute custom scripts. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation
NVD
EPSS 0% CVSS 7.5
HIGH This Month

In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership. Rated high severity (CVSS 7.5). No vendor patch available.

Privilege Escalation Teamcity
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation.1.24. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 9.9
CRITICAL Act Now

Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege Escalation.2.2. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows Privilege Escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in DexignZone JobZilla - Job Board WordPress Theme allows Privilege Escalation.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in DELUCKS DELUCKS SEO allows Privilege Escalation.6.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in Brainstorm Force SureDash allows Privilege Escalation.0.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Incorrect Privilege Assignment vulnerability in Saad Iqbal Bookify allows Privilege Escalation.0.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Month

Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie shortcode. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation Information Disclosure +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'change_role_member' parameter in all versions up to, and including, 3.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'imic_agent_register' function in all versions up to, and including, 3.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 8.5
HIGH This Month

An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Lenovo Privilege Escalation Pcmanager
NVD
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

aiven-db-migrate is an Aiven database migration tool. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection PostgreSQL Privilege Escalation +1
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH This Week

aiven-db-migrate is an Aiven database migration tool. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Privilege Escalation PostgreSQL Path Traversal +1
NVD GitHub
EPSS 0% CVSS 9.0
CRITICAL PATCH This Week

Capsule is a multi-tenancy and policy-based framework for Kubernetes. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Kubernetes
NVD GitHub
EPSS 0% CVSS 7.0
HIGH This Month

arbitrary data to be written to protected locations, potentially leading to escalation of privilege, arbitrary file corruption, exposure of application and system information or persistent denial of. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation
NVD
EPSS 1% CVSS 9.8
CRITICAL This Week

In vowifi service, there is a possible command injection due to improper input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Privilege Escalation
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

In Developer Tools, there is a possible missing verification incorrect input. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.4
HIGH This Month

In engineer mode service, there is a possible command injection due to improper input validation. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Privilege Escalation
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

The Taxi Booking Manager for Woocommerce | E-cab plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Month

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67.7.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation PHP
NVD
EPSS 0% CVSS 8.8
HIGH This Month

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 67.7.0 via the 'page' parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Path Traversal PHP +3
NVD
EPSS 0% CVSS 8.4
HIGH This Month

A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

HP Privilege Escalation
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Dell Denial Of Service Privilege Escalation +1
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 4.3
MEDIUM Monitor

In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 8.5
HIGH This Month

A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Incorrect Privilege Assignment vulnerability in Ben Ritner - Kadence WP Kadence WooCommerce Email Designer allows Privilege Escalation.5.16. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Privilege Escalation
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation
NVD GitHub
EPSS 0% CVSS 7.3
HIGH This Week

A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

HP RCE Denial Of Service +2
NVD VulDB
EPSS 0% CVSS 6.4
MEDIUM This Month

A vulnerability was found in H3C M2 NAS V100R006. Rated high severity (CVSS 7.3). No vendor patch available.

Privilege Escalation
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL Act Now

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Meeting Software Development Kit +5
NVD
EPSS 0% CVSS 7.2
HIGH This Week

An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet Privilege Escalation
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SQLi Sql Server 2016 +3
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Month

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in privilege. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF Adobe Authentication Bypass +5
NVD
EPSS 0% CVSS 5.6
MEDIUM This Month

Improper locking for some Intel(R) TDX Module firmware before version 1.5.13 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.6). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially. Rated medium severity (CVSS 4.5). No vendor patch available.

Privilege Escalation Intel Suse
NVD
EPSS 0% CVSS 1.8
LOW Monitor

Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 1.8). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Improper input validation for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable escalation of privilege. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Incorrect default permissions for some Intel(R) Distribution for Python software installers before version 2025.1.0 may allow an authenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 5.4). No vendor patch available.

Python Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 4.5
MEDIUM PATCH This Month

Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege. Rated medium severity (CVSS 4.5). No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available.

Privilege Escalation Linux Intel +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path in some Intel(R) AI for Enterprise Retrieval-augmented Generation software may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege. Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Privilege Escalation Intel
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8). No vendor patch available.

Privilege Escalation Linux Intel +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8). No vendor patch available.

Privilege Escalation Linux Intel +1
NVD
EPSS 0% CVSS 9.3
CRITICAL Act Now

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Linux Intel +1
NVD
EPSS 0% CVSS 2.0
LOW Monitor

Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated low severity (CVSS 2.0). No vendor patch available.

Intel Privilege Escalation Linux +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Improper access control in some firmware package and LED mode toggle tool for some Intel(R) PCIe Switch software before version MR4_1.0b1 may allow a privileged user to potentially enable escalation. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Intel
NVD
EPSS 0% CVSS 7.0
HIGH This Week

Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable. Rated high severity (CVSS 8.8). No vendor patch available.

Privilege Escalation Linux Intel +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available.

Privilege Escalation Linux Intel +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Suse
NVD
EPSS 0% CVSS 1.8
LOW Monitor

Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. Rated low severity (CVSS 1.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 5.3). No vendor patch available.

Privilege Escalation Intel Suse
NVD
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. Rated high severity (CVSS 7.3). No vendor patch available.

Privilege Escalation Intel Suse
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Uncontrolled search path for some Intel(R) RealSense(TM) Dynamic Calibrator software before version 2.14.2.0 may allow an authenticated user to potentially enable escalation of privilege via local. Rated medium severity (CVSS 5.4). No vendor patch available.

Privilege Escalation Intel Suse
NVD
Prev Page 25 of 148 Next

Quick Facts

Typical Severity
HIGH
Category
auth
Total CVEs
13302

MITRE ATT&CK

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy