Common Weakness Enumeration

CWE-250

Allowed

Execution with Unnecessary Privileges

Abstraction: Base · Status: Draft

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

575 vulnerabilities reference this CWE, most recent first.

GHSA-49PM-43HF-6XFQ

Vulnerability from github – Published: 2026-05-29 18:24 – Updated: 2026-06-12 19:31
VLAI
Summary
IPAM controller service account granted unnecessary full access to Secrets
Details

Impact

IPAM is the IP address Manager for Cluster API Provider Metal3. The IPAM controller's ClusterRole granted full CRUD permissions (create, delete, get, list, patch, update, watch) on core/v1 Secrets. The controller never accesses Secrets during normal operation. If the controller pod were compromised (e.g. via supply chain attack or container escape), an attacker could leverage these excessive permissions to read, modify, or delete Secrets in the namespace, potentially exposing credentials and other sensitive data.

All users running ip-address-manager versions prior to the patched releases are affected.

Patches

Fixed in: - v1.11.7 - v1.12.4 - v1.13.0

Users should upgrade to the patched version for their release branch.

Workarounds

Manually remove the Secrets resource entry from the metal3-ipam-controller-manager-role ClusterRole:

# Remove this entire block from the ClusterRole
- apiGroups:
  - ""
  resources:
  - secrets
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch

Resources

  • https://github.com/metal3-io/ip-address-manager/pull/1355
  • https://github.com/metal3-io/ip-address-manager/pull/1356 (backport to release-1.12)
  • https://github.com/metal3-io/ip-address-manager/pull/1357 (backport to release-1.11)
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.11.6"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/metal3-io/ip-address-manager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.11.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.12.3"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/metal3-io/ip-address-manager"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.12.0"
            },
            {
              "fixed": "1.12.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-47190"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-29T18:24:45Z",
    "nvd_published_at": "2026-06-12T16:16:29Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nIPAM is the IP address Manager for Cluster API Provider Metal3. The IPAM controller\u0027s ClusterRole granted full CRUD permissions (create, delete, get, list, patch, update, watch) on core/v1 Secrets. The controller never accesses Secrets during normal operation. If the controller pod were compromised (e.g. via supply chain attack or container escape), an attacker could leverage these excessive  permissions to read, modify, or delete Secrets in the namespace, potentially exposing credentials and other sensitive data.\n\nAll users running ip-address-manager versions prior to the patched releases are affected.\n\n### Patches\n\nFixed in:\n- v1.11.7\n- v1.12.4\n- v1.13.0\n\nUsers should upgrade to the patched version for their release branch.\n\n### Workarounds\n\nManually remove the Secrets resource entry from the metal3-ipam-controller-manager-role ClusterRole:\n\n```yaml\n# Remove this entire block from the ClusterRole\n- apiGroups:\n  - \"\"\n  resources:\n  - secrets\n  verbs:\n  - create\n  - delete\n  - get\n  - list\n  - patch\n  - update\n  - watch\n```\n\n### Resources\n\n- https://github.com/metal3-io/ip-address-manager/pull/1355\n- https://github.com/metal3-io/ip-address-manager/pull/1356 (backport to release-1.12)\n- https://github.com/metal3-io/ip-address-manager/pull/1357 (backport to release-1.11)",
  "id": "GHSA-49pm-43hf-6xfq",
  "modified": "2026-06-12T19:31:26Z",
  "published": "2026-05-29T18:24:45Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/metal3-io/ip-address-manager/security/advisories/GHSA-49pm-43hf-6xfq"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47190"
    },
    {
      "type": "WEB",
      "url": "https://github.com/metal3-io/ip-address-manager/pull/1355"
    },
    {
      "type": "WEB",
      "url": "https://github.com/metal3-io/ip-address-manager/pull/1356"
    },
    {
      "type": "WEB",
      "url": "https://github.com/metal3-io/ip-address-manager/pull/1357"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/metal3-io/ip-address-manager"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "IPAM controller service account granted unnecessary full access to Secrets"
}

GHSA-4C6M-GMP8-84FQ

Vulnerability from github – Published: 2025-10-30 21:30 – Updated: 2025-10-30 21:30
VLAI
Details

IBM Sterling Connect Direct for Unix 6.2.0.7 through 6.2.0.9 iFix004, 6.4.0.0 through 6.4.0.2 iFix001, and 6.3.0.2 through 6.3.0.5 iFix002 incorrectly assigns permissions for maintenance tasks to Control Center Director (CCD) users that could allow a privileged user to escalate their privileges further due to unnecessary privilege assignment for post update scripts.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-36137"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-30T19:16:23Z",
    "severity": "HIGH"
  },
  "details": "IBM Sterling Connect Direct for Unix 6.2.0.7 through 6.2.0.9 iFix004, 6.4.0.0 through 6.4.0.2 iFix001, and 6.3.0.2 through 6.3.0.5 iFix002 incorrectly assigns permissions for maintenance tasks to Control Center Director (CCD) users that could allow a privileged user to escalate their privileges further due to unnecessary privilege assignment for post update scripts.",
  "id": "GHSA-4c6m-gmp8-84fq",
  "modified": "2025-10-30T21:30:46Z",
  "published": "2025-10-30T21:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-36137"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7249678"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4C73-92CW-X6VQ

Vulnerability from github – Published: 2026-04-08 18:34 – Updated: 2026-04-08 18:34
VLAI
Details

Execution with Unnecessary Privileges (CWE-250) in Kibana’s Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). This requires an authenticated Kibana user with Fleet sub-feature privileges (such as agents, agent policies, and settings management).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4498"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-08T17:21:24Z",
    "severity": "HIGH"
  },
  "details": "Execution with Unnecessary Privileges (CWE-250) in Kibana\u2019s Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). This requires an authenticated Kibana user with Fleet sub-feature privileges (such as agents, agent policies, and settings management).",
  "id": "GHSA-4c73-92cw-x6vq",
  "modified": "2026-04-08T18:34:07Z",
  "published": "2026-04-08T18:34:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4498"
    },
    {
      "type": "WEB",
      "url": "https://discuss.elastic.co/t/kibana-8-19-14-9-2-8-9-3-3-security-update-esa-2026-21/385811"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4HHJ-H38J-CCW8

Vulnerability from github – Published: 2023-07-12 15:30 – Updated: 2024-01-25 18:30
VLAI
Details

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device.

The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-20210"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-12T14:15:09Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device.\n\n The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted command to the affected system. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, an attacker must have valid BroadWorks administrative privileges on the affected device.",
  "id": "GHSA-4hhj-h38j-ccw8",
  "modified": "2024-01-25T18:30:37Z",
  "published": "2023-07-12T15:30:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20210"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-privesc-yw4ekrXW"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4J6Q-QQ58-W4V4

Vulnerability from github – Published: 2026-03-04 18:31 – Updated: 2026-03-04 18:31
VLAI
Details

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device.

This vulnerability is due to insufficient input validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input for a specific CLI command. A successful exploit could allow the attacker to execute commands on the underlying operating system as root.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-20017"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-04T18:16:16Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device.\n\nThis vulnerability is due to insufficient input validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input for a specific CLI command. A successful exploit could allow the attacker to execute commands on the underlying operating system as\u0026nbsp;root.",
  "id": "GHSA-4j6q-qq58-w4v4",
  "modified": "2026-03-04T18:31:54Z",
  "published": "2026-03-04T18:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20017"
    },
    {
      "type": "WEB",
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmd-inj-mTzGZexf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4J9M-52H7-F59Q

Vulnerability from github – Published: 2023-03-13 21:30 – Updated: 2023-03-22 18:30
VLAI
Details

Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27010"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-13T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.",
  "id": "GHSA-4j9m-52h7-f59q",
  "modified": "2023-03-22T18:30:37Z",
  "published": "2023-03-13T21:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27010"
    },
    {
      "type": "WEB",
      "url": "https://cwe.mitre.org/data/definitions/250.html"
    },
    {
      "type": "WEB",
      "url": "https://packetstormsecurity.com/files/171301/Wondershare-Dr-Fone-12.9.6-Weak-Permissions-Privilege-Escalation.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4P2X-J6F2-872J

Vulnerability from github – Published: 2023-10-12 21:30 – Updated: 2024-04-04 08:36
VLAI
Details

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-12T19:15:11Z",
    "severity": "MODERATE"
  },
  "details": "SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are \nsusceptible to a vulnerability which may allow authenticated \nunprivileged users to modify email and snapshot name settings within the\n VMware vSphere user interface.\n\n\n",
  "id": "GHSA-4p2x-j6f2-872j",
  "modified": "2024-04-04T08:36:10Z",
  "published": "2023-10-12T21:30:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27312"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20230713-0001"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4QV4-VH73-Q92W

Vulnerability from github – Published: 2024-03-22 00:31 – Updated: 2024-08-27 21:31
VLAI
Details

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-42954"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-21T23:15:09Z",
    "severity": "MODERATE"
  },
  "details": "A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests.",
  "id": "GHSA-4qv4-vh73-q92w",
  "modified": "2024-08-27T21:31:11Z",
  "published": "2024-03-22T00:31:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42954"
    },
    {
      "type": "WEB",
      "url": "https://support.claris.com/s/answerview?anum=000041424\u0026language=en_US"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-4RCJ-4MWW-76CQ

Vulnerability from github – Published: 2026-03-23 03:31 – Updated: 2026-03-23 03:31
VLAI
Details

GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system. 

During installation, ERM creates a Windows service that runs under the LocalSystem account. 

When the ERM application is launched, related processes are spawned under SYSTEM privileges rather than the security context of the logged-in user. 

Functions such as 'Import Data' open a Windows file dialog operating with SYSTEM permissions, enabling modification or deletion of protected system files and directories. 

Any ERM function invoking Windows file open/save dialogs exposes the same risk. 

This vulnerability allows local privilege escalation and may result in full system compromise.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4606"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-23T02:16:05Z",
    "severity": "CRITICAL"
  },
  "details": "GV Edge Recording Manager (ERM) v2.3.1 improperly runs application components with SYSTEM-level privileges, allowing any local user to gain full control of the operating system.\u00a0\n\nDuring installation, ERM creates a Windows service that runs under the LocalSystem account.\u00a0\n\nWhen the ERM application is launched, related processes are spawned under SYSTEM privileges rather than the security context of the logged-in user.\u00a0\n\nFunctions such as \u0027Import Data\u0027 open a Windows file dialog operating with SYSTEM permissions, enabling modification or deletion of protected system files and directories.\u00a0\n\nAny ERM function invoking Windows file open/save dialogs exposes the same risk.\u00a0\n\nThis vulnerability allows local privilege escalation and may result in full system compromise.",
  "id": "GHSA-4rcj-4mww-76cq",
  "modified": "2026-03-23T03:31:39Z",
  "published": "2026-03-23T03:31:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4606"
    },
    {
      "type": "WEB",
      "url": "https://https://www.geovision.com.tw/cyber_security.php"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:I/V:C/RE:M/U:Green",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-4W89-WF2P-R2RR

Vulnerability from github – Published: 2024-04-09 21:31 – Updated: 2024-08-24 00:30
VLAI
Details

An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-24245"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-09T19:15:22Z",
    "severity": "HIGH"
  },
  "details": "An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fixed in v.3.6.2 allows a local attacker to escalate privileges via the ClamXAV helper tool component.",
  "id": "GHSA-4w89-wf2p-r2rr",
  "modified": "2024-08-24T00:30:29Z",
  "published": "2024-04-09T21:31:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24245"
    },
    {
      "type": "WEB",
      "url": "https://www.clamxav.com/version-history"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

Mitigation MIT-18
Architecture and Design

Strategy: Separation of Privilege

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation MIT-18
Architecture and Design

Strategy: Attack Surface Reduction

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation
Implementation

Perform extensive input validation for any privileged code that must be exposed to the user and reject anything that does not fit your strict requirements.

Mitigation MIT-19
Implementation

When dropping privileges, ensure that they have been dropped successfully to avoid CWE-273. As protection mechanisms in the environment get stronger, privilege-dropping calls may fail even if it seems like they would always succeed.

Mitigation
Implementation

If circumstances force you to run with extra privileges, then determine the minimum access level necessary. First identify the different permissions that the software and its users will need to perform their actions, such as file read and write permissions, network socket permissions, and so forth. Then explicitly allow those actions while denying all else [REF-76]. Perform extensive input validation and canonicalization to minimize the chances of introducing a separate vulnerability. This mitigation is much more prone to error than dropping the privileges in the first place.

Mitigation MIT-37
Operation System Configuration

Strategy: Environment Hardening

Ensure that the software runs properly under the United States Government Configuration Baseline (USGCB) [REF-199] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.

CAPEC-104: Cross Zone Scripting

An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.

CAPEC-470: Expanding Control over the Operating System from the Database

An attacker is able to leverage access gained to the database to read / write data to the file system, compromise the operating system, create a tunnel for accessing the host machine, and use this access to potentially attack other machines on the same network as the database machine. Traditionally SQL injections attacks are viewed as a way to gain unauthorized read access to the data stored in the database, modify the data in the database, delete the data, etc. However, almost every data base management system (DBMS) system includes facilities that if compromised allow an attacker complete access to the file system, operating system, and full access to the host running the database. The attacker can then use this privileged access to launch subsequent attacks. These facilities include dropping into a command shell, creating user defined functions that can call system level libraries present on the host machine, stored procedures, etc.

CAPEC-69: Target Programs with Elevated Privileges

This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.