CWE-266
AllowedIncorrect Privilege Assignment
Abstraction: Base · Status: Draft
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1913 vulnerabilities reference this CWE, most recent first.
GHSA-76Q6-R982-4FXQ
Vulnerability from github – Published: 2024-06-14 00:33 – Updated: 2024-06-14 00:33NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.
{
"affected": [],
"aliases": [
"CVE-2024-0085"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-13T22:15:11Z",
"severity": "MODERATE"
},
"details": "NVIDIA vGPU software for Windows and Linux contains a vulnerability where unprivileged users could execute privileged operations on the host. A successful exploit of this vulnerability might lead to data tampering, escalation of privileges, and denial of service.",
"id": "GHSA-76q6-r982-4fxq",
"modified": "2024-06-14T00:33:06Z",
"published": "2024-06-14T00:33:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0085"
},
{
"type": "WEB",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5551"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-76Q9-9H4J-5FWQ
Vulnerability from github – Published: 2025-06-26 18:31 – Updated: 2025-06-26 18:31A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. It has been declared as problematic. This vulnerability affects unknown code of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. This dashcam is distributed by multiple resellers and different names.
{
"affected": [],
"aliases": [
"CVE-2025-6531"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-24T00:15:25Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. It has been declared as problematic. This vulnerability affects unknown code of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper access controls. Access to the local network is required for this attack to succeed. The exploit has been disclosed to the public and may be used. This dashcam is distributed by multiple resellers and different names.",
"id": "GHSA-76q9-9h4j-5fwq",
"modified": "2025-06-26T18:31:25Z",
"published": "2025-06-26T18:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6531"
},
{
"type": "WEB",
"url": "https://github.com/geo-chen/BD"
},
{
"type": "WEB",
"url": "https://github.com/geo-chen/BD?tab=readme-ov-file#finding-1-unauthenticated-access-of-livestream-and-download-of-video-recordings"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.313648"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.313648"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.595452"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-77CH-RVC7-4FJV
Vulnerability from github – Published: 2024-12-16 15:31 – Updated: 2026-04-01 18:32Incorrect Privilege Assignment vulnerability in Halim KH Easy User Settings allows Privilege Escalation.This issue affects KH Easy User Settings: from n/a through 1.0.0.
{
"affected": [],
"aliases": [
"CVE-2024-54365"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-12-16T15:15:09Z",
"severity": "HIGH"
},
"details": "Incorrect Privilege Assignment vulnerability in Halim KH Easy User Settings allows Privilege Escalation.This issue affects KH Easy User Settings: from n/a through 1.0.0.",
"id": "GHSA-77ch-rvc7-4fjv",
"modified": "2026-04-01T18:32:49Z",
"published": "2024-12-16T15:31:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54365"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/kh-easy-user-settings/vulnerability/wordpress-kh-easy-user-settings-plugin-1-0-0-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-77GM-M6X5-JF4F
Vulnerability from github – Published: 2026-06-09 18:30 – Updated: 2026-06-30 03:36Improper authorization in .NET allows an authorized attacker to elevate privileges locally.
{
"affected": [],
"aliases": [
"CVE-2026-45490"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-285",
"CWE-863"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-09T17:17:25Z",
"severity": "HIGH"
},
"details": "Improper authorization in .NET allows an authorized attacker to elevate privileges locally.",
"id": "GHSA-77gm-m6x5-jf4f",
"modified": "2026-06-30T03:36:59Z",
"published": "2026-06-09T18:30:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45490"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2026-45490"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487184"
},
{
"type": "WEB",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45490"
},
{
"type": "WEB",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45490.json"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-77GX-3FXF-6GXJ
Vulnerability from github – Published: 2025-04-27 18:30 – Updated: 2025-04-27 18:30A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulation of the argument ID leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2025-3977"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-27T17:15:15Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in iteachyou Dreamer CMS up to 4.1.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/attachment/download of the component Attachment Handler. The manipulation of the argument ID leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-77gx-3fxf-6gxj",
"modified": "2025-04-27T18:30:24Z",
"published": "2025-04-27T18:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3977"
},
{
"type": "WEB",
"url": "https://gitee.com/iteachyou/dreamer_cms/issues/IC13O1"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.306313"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.306313"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.557639"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-78RR-5VRH-JHQH
Vulnerability from github – Published: 2025-05-14 21:31 – Updated: 2025-05-15 21:31An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit.
{
"affected": [],
"aliases": [
"CVE-2025-0131"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-05-14T19:15:51Z",
"severity": "HIGH"
},
"details": "An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect\u2122 app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user also successfully exploits a race condition, which makes this vulnerability difficult to exploit.",
"id": "GHSA-78rr-5vrh-jhqh",
"modified": "2025-05-15T21:31:26Z",
"published": "2025-05-14T21:31:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0131"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2025-0131"
},
{
"type": "WEB",
"url": "https://www.opswat.com/docs/mdsdk/release-notes/cve-2025-0131"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:X/U:Amber",
"type": "CVSS_V4"
}
]
}
GHSA-78XF-28C3-3286
Vulnerability from github – Published: 2022-12-05 09:30 – Updated: 2022-12-06 18:30A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. The identifier VDB-214789 was assigned to this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2022-4281"
],
"database_specific": {
"cwe_ids": [
"CWE-266",
"CWE-269",
"CWE-285"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-12-05T07:15:00Z",
"severity": "HIGH"
},
"details": "A vulnerability has been found in Facepay 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /face-recognition-php/facepay-master/camera.php. The manipulation of the argument userId leads to authorization bypass. The attack can be launched remotely. The identifier VDB-214789 was assigned to this vulnerability.",
"id": "GHSA-78xf-28c3-3286",
"modified": "2022-12-06T18:30:19Z",
"published": "2022-12-05T09:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4281"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.214789"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7C63-X96C-8HPQ
Vulnerability from github – Published: 2025-10-27 21:30 – Updated: 2025-10-27 21:30IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.
{
"affected": [],
"aliases": [
"CVE-2025-36007"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-10-27T19:16:03Z",
"severity": "HIGH"
},
"details": "IBM QRadar SIEM 7.5 through 7.5.0 Update Pack 13 Independent Fix 02 is vulnerable to privilege escalation due to improper privilege assignment to an update script.",
"id": "GHSA-7c63-x96c-8hpq",
"modified": "2025-10-27T21:30:27Z",
"published": "2025-10-27T21:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36007"
},
{
"type": "WEB",
"url": "https://www.ibm.com/support/pages/node/7249277"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-7C75-35MF-F3W9
Vulnerability from github – Published: 2026-07-10 18:32 – Updated: 2026-07-13 18:30A flaw has been found in Eleveo Call Recording Software 9.7.0. This affects an unknown function of the file /callrec/roleAddAction.do of the component Group Interface. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
{
"affected": [],
"aliases": [
"CVE-2026-15374"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-07-10T16:16:26Z",
"severity": "LOW"
},
"details": "A flaw has been found in Eleveo Call Recording Software 9.7.0. This affects an unknown function of the file /callrec/roleAddAction.do of the component Group Interface. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
"id": "GHSA-7c75-35mf-f3w9",
"modified": "2026-07-13T18:30:29Z",
"published": "2026-07-10T18:32:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-15374"
},
{
"type": "WEB",
"url": "https://drive.google.com/file/d/1GtIZC_PrOJPfQAfjcBckEbf8uDzGjt9B/view?usp=sharing"
},
{
"type": "WEB",
"url": "https://github.com/omarelshopky/cves/tree/main/eleveo/call-recording-software/CVE-2026-15374"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-15374"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/797458"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377441"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/377441/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-7CHM-5J7F-H4XF
Vulnerability from github – Published: 2025-08-20 09:30 – Updated: 2026-04-01 18:35Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows Privilege Escalation. This issue affects Simple Business Directory Pro: from n/a through n/a.
{
"affected": [],
"aliases": [
"CVE-2025-53580"
],
"database_specific": {
"cwe_ids": [
"CWE-266"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-08-20T08:15:43Z",
"severity": "CRITICAL"
},
"details": "Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows Privilege Escalation. This issue affects Simple Business Directory Pro: from n/a through n/a.",
"id": "GHSA-7chm-5j7f-h4xf",
"modified": "2026-04-01T18:35:55Z",
"published": "2025-08-20T09:30:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53580"
},
{
"type": "WEB",
"url": "https://patchstack.com/database/wordpress/plugin/simple-business-directory-pro/vulnerability/wordpress-simple-business-directory-pro-plugin-15-6-9-privilege-escalation-vulnerability?_s_id=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation MIT-1
Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Mitigation MIT-17
Strategy: Environment Hardening
Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
No CAPEC attack patterns related to this CWE.