CWE-276
AllowedIncorrect Default Permissions
Abstraction: Base · Status: Draft
During installation, installed file permissions are set to allow anyone to modify those files.
2034 vulnerabilities reference this CWE, most recent first.
CVE-2025-2782 (GCVE-0-2025-2782)
Vulnerability from cvelistv5 – Published: 2025-03-28 22:24 – Updated: 2025-03-31 13:24- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| WatchGuard | Terminal Services Agent |
Affected:
12.0 , ≤ 12.10
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2782",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-31T13:23:57.984188Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T13:24:07.246Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Terminal Services Agent",
"vendor": "WatchGuard",
"versions": [
{
"lessThanOrEqual": "12.10",
"status": "affected",
"version": "12.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-27T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eThe WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.\u003c/div\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Terminal Services Agent: from 12.0 through 12.10.\u003c/p\u003e"
}
],
"value": "The WatchGuard Terminal Services Agent on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.\n\n\n\nThis issue affects Terminal Services Agent: from 12.0 through 12.10."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T22:24:47.152Z",
"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"shortName": "WatchGuard"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00005"
}
],
"source": {
"advisory": "WGSA-2025-00005",
"defect": [
"FBX-27511"
],
"discovery": "UNKNOWN"
},
"title": "WatchGuard Terminal Services Agent Local Privilege Escalation via Non-Standard Installation Directory",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"assignerShortName": "WatchGuard",
"cveId": "CVE-2025-2782",
"datePublished": "2025-03-28T22:24:47.152Z",
"dateReserved": "2025-03-25T00:16:35.756Z",
"dateUpdated": "2025-03-31T13:24:07.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2781 (GCVE-0-2025-2781)
Vulnerability from cvelistv5 – Published: 2025-03-28 22:23 – Updated: 2025-03-31 14:23- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| WatchGuard | Mobile VPN with SSL Client |
Affected:
11.0 , ≤ 12.11
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2781",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-31T14:23:31.758287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T14:23:48.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Mobile VPN with SSL Client",
"vendor": "WatchGuard",
"versions": [
{
"lessThanOrEqual": "12.11",
"status": "affected",
"version": "11.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-03-27T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eThe WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.\u003c/div\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Mobile VPN with SSL Client: from 11.0 through 12.11.\u003c/p\u003e"
}
],
"value": "The WatchGuard Mobile VPN with SSL Client on Windows does not properly configure directory permissions when installed in a non-default directory. This could allow an authenticated local attacker to escalate to SYSTEM privileges on a vulnerable system.\n\n\n\nThis issue affects Mobile VPN with SSL Client: from 11.0 through 12.11."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T22:23:50.752Z",
"orgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"shortName": "WatchGuard"
},
"references": [
{
"url": "https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00004"
}
],
"source": {
"advisory": "WGSA-2025-00004",
"defect": [
"FBX-27510"
],
"discovery": "UNKNOWN"
},
"title": "WatchGuard Mobile VPN with SSL Local Privilege Escalation via Non-Standard Installation Directory",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5d1c2695-1a31-4499-88ae-e847036fd7e3",
"assignerShortName": "WatchGuard",
"cveId": "CVE-2025-2781",
"datePublished": "2025-03-28T22:23:50.752Z",
"dateReserved": "2025-03-25T00:12:21.740Z",
"dateUpdated": "2025-03-31T14:23:48.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2502 (GCVE-0-2025-2502)
Vulnerability from cvelistv5 – Published: 2025-05-30 19:14 – Updated: 2026-02-26 18:27- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | PC Manager |
Affected:
0 , < 5.1.110.5082
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T03:55:14.585037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:49.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PC Manager",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "5.1.110.5082",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:pc_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.1.110.5082",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.\u003c/span\u003e"
}
],
"value": "An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T19:14:24.858Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/428586"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update PC Manager to version 5.1.110.5082 or later.\n\n\u003cbr\u003e"
}
],
"value": "Update PC Manager to version 5.1.110.5082 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-2502",
"datePublished": "2025-05-30T19:14:24.858Z",
"dateReserved": "2025-03-18T14:58:49.193Z",
"dateUpdated": "2026-02-26T18:27:49.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1789 (GCVE-0-2025-1789)
Vulnerability from cvelistv5 – Published: 2026-02-24 18:47 – Updated: 2026-02-26 14:44- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| Genetec Inc. | Genetec Update Service |
Affected:
<2.10.600
(semver)
Unaffected: >=2.10.600 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1789",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T04:56:04.010019Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T14:44:07.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Genetec Update Service",
"vendor": "Genetec Inc.",
"versions": [
{
"status": "affected",
"version": "\u003c2.10.600",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "\u003e=2.10.600",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rutger Flohil"
}
],
"descriptions": [
{
"lang": "en",
"value": "Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233: Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:H/IR:H/AR:H/MVC:H/MVI:H/MVA:H/MSI:H/MSA:H/S:P/AU:N/V:C",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-24T18:47:24.913Z",
"orgId": "f2b06212-cb4b-41a4-9501-fa2e367495b8",
"shortName": "Genetec"
},
"references": [
{
"url": "https://techdocs.genetec.com/r/en-US/Security-Updates-for-GenetecTM-Update-Service-2.10/Resolved-vulnerabilities-in-Genetec-Update-Service-2.10"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in Genetec Update Service 2.10.600 and all later versions. Internet connected Genetec Update Service will automatically update themselves."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f2b06212-cb4b-41a4-9501-fa2e367495b8",
"assignerShortName": "Genetec",
"cveId": "CVE-2025-1789",
"datePublished": "2026-02-24T18:47:24.913Z",
"dateReserved": "2025-02-28T17:07:08.574Z",
"dateUpdated": "2026-02-26T14:44:07.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1699 (GCVE-0-2025-1699)
Vulnerability from cvelistv5 – Published: 2025-06-11 16:14 – Updated: 2025-06-11 17:32- CWE-276 - Incorrect Default Permissions
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-11T17:32:22.596452Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T17:32:38.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "g34",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2025-06-01",
"status": "affected",
"version": "0",
"versionType": "SPL"
}
]
},
{
"defaultStatus": "unaffected",
"product": "g34t",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2025-06-01",
"status": "affected",
"version": "0",
"versionType": "SPL"
}
]
},
{
"defaultStatus": "unaffected",
"product": "g45 5G",
"vendor": "Motorola",
"versions": [
{
"lessThan": "2025-06-01",
"status": "affected",
"version": "0",
"versionType": "SPL"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:motorola:g34:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2025-06-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:motorola:g34t:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2025-06-01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:motorola:g45_5g:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2025-06-01",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e"
}
],
"value": "An incorrect default permissions vulnerability was reported in the MotoSignature application that could result in unauthorized access."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 2.4,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-11T16:14:49.135Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/186729"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate your Motorola phone to the latest software version. Software versions with a Security Patch Level of 202\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e5\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e-\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e06\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e-01 or later include a fix for this \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evulnerability.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Update your Motorola phone to the latest software version. Software versions with a Security Patch Level of 2025-06-01 or later include a fix for this vulnerability."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-1699",
"datePublished": "2025-06-11T16:14:49.135Z",
"dateReserved": "2025-02-25T18:33:54.666Z",
"dateUpdated": "2025-06-11T17:32:38.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0886 (GCVE-0-2025-0886)
Vulnerability from cvelistv5 – Published: 2025-07-17 19:16 – Updated: 2025-07-17 20:09- CWE-276 - Incorrect Default Permissions
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0886",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T20:08:57.428883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T20:09:10.929Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service For ThinkPad P1 Gen 6 (Type 21FV, 21FW)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.548",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Driver for ThinkPad P1 Gen 7 (Type 21KV, 21KW)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for P14s Gen 4 (Type 21HF, 21HG)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.858",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for ThinkPad P14s Gen 4 (Type 21K5, 21K6)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.1893",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Driver for ThinkPad P14s Gen 5 (Type 21G2, 21G3)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for ThinkPad P14s Gen 5 (Type 21ME, 21MF)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.6136",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence detection Device Driver for ThinkPad P16 Gen 2 (Type 21FA, 21FB)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.774",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for P16s Gen 2 (Type 21HK, 21HL)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.858",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for ThinkPad P16s Gen 2 (Type 21K9, 21KA)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.106.2391",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lliptic Human Presence Detection Driver for P16s Gen 3 (Type 21KS, 21KT)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for ThinkPad P16v Gen 1 (Type 21FC, 21FD)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.900",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Driver for ThinkPad P16v Gen 1 (Type 21FE, 21FF)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.2235",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for ThinkPad P16v Gen 2 (Type 21KX, 21KY)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for ThinkPad T14 Gen 3 (Type 21AH, 21AJ)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "3.2.61209.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for ThinkPad T14 Gen 3 (Type 21CF, 21CG))",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "3.2.61209.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for T14 Gen 4 (Type 21HD, 21HE)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.858",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for T14 Gen 4 (Type 21K3, 21K4)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.1893",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "lliptic Human Presence Detection Device Driver for T14 Gen 5 (Type 21MC, 21MD)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.6136",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for T14 Gen 5 (Type 21ML, 21MM)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for T14s Gen 4 (Type 21F6, 21F7)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.858",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for ThinkPad T14s Gen 4 (Type 21F8, 21F9)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.1893",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for T14s Gen 5 (Type 21LS, 21LT)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection driver for ThinkPad T14s Gen 6 (Type 21M1, 21M2)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.109.82",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for T16 Gen 2 (Type 21HH, 21HJ)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.858",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for T16 Gen 2 (Type 21K7 21K8)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.106.2391",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for T16 Gen 3 (Type 21MN, 21MQ)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for X1 2-in-1 Gen 9 (Type 21KE, 21KF)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor Service for ThinkPad X1 Carbon 12th Gen (Type 21KC, 21KD)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for X13 2-in-1 Gen 5 (Type 21LW, 21LX)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor for ThinkPad X13 Gen 4 (Type 21EX, 21EY)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.761",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Driver for ThinkPad X13 Gen 4 (Type 21J3, 21J4)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.2234",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Human Presence Detection Device Driver for X13 Gen 5 (Type 21LU, 21LV)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.801",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Elliptic Virtual Lock Sensor for X13 Yoga Gen 4 (Type 21F2, 21F3)",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1000.100.108.761",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:elliptic_virtual_lock_sensor_service_for_p16s_gen_2_type_21hk_21hl_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_virtual_lock_sensor_for_x13_yoga_gen_4_type_21f2_21f3_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.761",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_virtual_lock_sensor_service_for_t14_gen_3_type_21ah_21aj_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.61209.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_virtual_lock_sensor_service_for_t14_gen_3_type_21cf_21cg_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.61209.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_p16_gen_2_type_21fa_21fb_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_virtual_lock_sensor_service_for_p14s_gen_4_type_21k5_21k6_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.1893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_t14_gen_5_type_21mc_21md_laptops_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.6136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_t14s_gen_4_type_21f8_21f9_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.1893",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_x13_gen_4_type_21j3_21j4_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.2234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_p16v_gen_1_type_21fe_21ff_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.2235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_virtual_lock_sensor_service_for_p1_gen_6_type_21fv_21fw_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.548",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_t14s_gen_5_type_21ls_21lt_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:elliptic_human_presence_detection_device_driver_for_lenovo:p14s_gen_5_type_21g2_21g3_laptops_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_p16v_gen_2_type_21kx_21ky_laptops_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_p1_gen_7_type_21kv_21kw_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_virtual_lock_sensor_service_for_x1_2_in_1_gen_9_type_21ke_21kf_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_t16_gen_2_type_21k7_21k8_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.106.2391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_device_driver_for_p16v_gen_1_type_21fc_21fd_laptop_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.108.900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lenovo:elliptic_human_presence_detection_driver_for_t14s_gen_6_type_21m1_21m2_laptops_thinkpad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1000.100.109.82",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Alexander Staalgaard, JN Data Red Team, for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges. \u003c/span\u003e"
}
],
"value": "An incorrect permissions vulnerability was reported in Elliptic Labs Virtual Lock Sensor that could allow a local, authenticated user to escalate privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-17T19:16:16.273Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-182738"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate to the version (or newer) indicated for your model in the Product Impact section:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.lenovo.com/us/en/product_security/LEN-182738\"\u003ehttps://support.lenovo.com/us/en/product_security/LEN-182738\u003c/a\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Update to the version (or newer) indicated for your model in the Product Impact section:\u00c2\u00a0 https://support.lenovo.com/us/en/product_security/LEN-182738"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-0886",
"datePublished": "2025-07-17T19:16:16.273Z",
"dateReserved": "2025-01-30T16:35:23.042Z",
"dateUpdated": "2025-07-17T20:09:10.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0797 (GCVE-0-2025-0797)
Vulnerability from cvelistv5 – Published: 2025-01-29 01:00 – Updated: 2025-02-12 19:51| URL | Tags |
|---|---|
| https://vuldb.com/?id.293920 | vdb-entry |
| https://vuldb.com/?ctiid.293920 | signaturepermissions-required |
| https://vuldb.com/?submit.484329 | third-party-advisory |
| https://github.com/dmknght/FIS_RnD/blob/main/esca… | exploit |
| Vendor | Product | Version | |
|---|---|---|---|
| MicroWorld | eScan Antivirus |
Affected:
7.0.32
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0797",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T14:56:04.872774Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:51:16.070Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Quarantine Handler"
],
"product": "eScan Antivirus",
"vendor": "MicroWorld",
"versions": [
{
"status": "affected",
"version": "7.0.32"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "FPT IS Security (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been declared as problematic. This vulnerability affects unknown code of the file /var/Microworld/ of the component Quarantine Handler. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "In MicroWorld eScan Antivirus 7.0.32 f\u00fcr Linux wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /var/Microworld/ der Komponente Quarantine Handler. Dank der Manipulation mit unbekannten Daten kann eine incorrect default permissions-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-266",
"description": "Incorrect Privilege Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-29T01:00:17.874Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-293920 | MicroWorld eScan Antivirus Quarantine Microworld default permission",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.293920"
},
{
"name": "VDB-293920 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.293920"
},
{
"name": "Submit #484329 | MicroWorld Escan Antivirus on Linux 7.0.32 Incorrect Default Permissions",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.484329"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/dmknght/FIS_RnD/blob/main/escan_av_incorrect_default_perms_leads_to_malware_evasion.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-01-28T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-01-28T15:47:04.000Z",
"value": "VulDB entry last update"
}
],
"title": "MicroWorld eScan Antivirus Quarantine Microworld default permission"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-0797",
"datePublished": "2025-01-29T01:00:17.874Z",
"dateReserved": "2025-01-28T14:41:56.114Z",
"dateUpdated": "2025-02-12T19:51:16.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0543 (GCVE-0-2025-0543)
Vulnerability from cvelistv5 – Published: 2025-01-25 16:17 – Updated: 2025-02-05 18:23- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| G DATA CyberDefense AG | G DATA Security Client |
Affected:
0 , < 15.8.333
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0543",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T13:55:14.972209Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T18:23:40.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "G DATA Security Client",
"vendor": "G DATA CyberDefense AG",
"versions": [
{
"lessThan": "15.8.333",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fabian Duschek"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in execution by the SetupSVC.exe service in the context of SYSTEM."
}
],
"value": "Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in execution by the SetupSVC.exe service in the context of SYSTEM."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-25T16:17:46.634Z",
"orgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"shortName": "cirosec"
},
"references": [
{
"url": "https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0543"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "G DATA Security Client Local privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"assignerShortName": "cirosec",
"cveId": "CVE-2025-0543",
"datePublished": "2025-01-25T16:17:46.634Z",
"dateReserved": "2025-01-17T10:12:08.693Z",
"dateUpdated": "2025-02-05T18:23:40.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0542 (GCVE-0-2025-0542)
Vulnerability from cvelistv5 – Published: 2025-01-25 16:15 – Updated: 2025-02-12 20:01| Vendor | Product | Version | |
|---|---|---|---|
| G DATA CyberDefense AG | G DATA Management Server |
Affected:
0 , < 15.8.333
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0542",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T14:20:27.912093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:01:14.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "G DATA Management Server",
"vendor": "G DATA CyberDefense AG",
"versions": [
{
"lessThan": "15.8.333",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Fabian Duschek"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write."
}
],
"value": "Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
},
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-25T16:15:09.526Z",
"orgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"shortName": "cirosec"
},
"references": [
{
"url": "https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0542"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "G DATA Management Server Local privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"assignerShortName": "cirosec",
"cveId": "CVE-2025-0542",
"datePublished": "2025-01-25T16:15:09.526Z",
"dateReserved": "2025-01-17T07:53:19.796Z",
"dateUpdated": "2025-02-12T20:01:14.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0014 (GCVE-0-2025-0014)
Vulnerability from cvelistv5 – Published: 2025-04-02 16:14 – Updated: 2026-02-26 18:28- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AMD Ryzen™ AI Software |
Unaffected:
1.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0014",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-24T03:55:30.706022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:59.782Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AMD Ryzen\u2122 AI Software",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution."
}
],
"value": "Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T16:14:00.258Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7037.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2025-0014",
"datePublished": "2025-04-02T16:14:00.258Z",
"dateReserved": "2024-10-10T20:27:50.166Z",
"dateUpdated": "2026-02-26T18:28:59.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation MIT-1
The architecture needs to access and modification attributes for files to only those users who actually require those actions.
Mitigation MIT-46
Strategy: Separation of Privilege
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.
CAPEC-127: Directory Indexing
An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
CAPEC-81: Web Server Logs Tampering
Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.