CWE-379
AllowedCreation of Temporary File in Directory with Insecure Permissions
Abstraction: Base · Status: Incomplete
The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.
112 vulnerabilities reference this CWE, most recent first.
GHSA-X5GM-XW9R-M7H2
Vulnerability from github – Published: 2023-10-31 15:30 – Updated: 2023-10-31 23:27The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.
{
"affected": [],
"aliases": [
"CVE-2023-37243"
],
"database_specific": {
"cwe_ids": [
"CWE-379"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-31T15:15:08Z",
"severity": "HIGH"
},
"details": "The C:\\Windows\\Temp\\Agent.Package.Availability\\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\\Windows\\Temp\\Agent.Package.Availability folder inherits permissions from C:\\Windows\\Temp and Agent.Package.Availability.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.\n",
"id": "GHSA-x5gm-xw9r-m7h2",
"modified": "2023-10-31T23:27:41Z",
"published": "2023-10-31T15:30:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37243"
},
{
"type": "WEB",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0010.md"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-XM77-XQP2-QHCP
Vulnerability from github – Published: 2025-02-11 18:31 – Updated: 2025-02-11 18:31Photoshop Elements versions 2025.0 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
{
"affected": [],
"aliases": [
"CVE-2025-21162"
],
"database_specific": {
"cwe_ids": [
"CWE-379"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-11T18:15:28Z",
"severity": "MODERATE"
},
"details": "Photoshop Elements versions 2025.0 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-xm77-xqp2-qhcp",
"modified": "2025-02-11T18:31:36Z",
"published": "2025-02-11T18:31:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21162"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/photoshop_elements/apsb25-13.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Mitigation
Many contemporary languages have functions which properly handle this condition. Older C temp file functions are especially susceptible.
Mitigation
Try to store sensitive tempfiles in a directory which is not world readable -- i.e., per-user directories.
Mitigation
Avoid using vulnerable temp file functions.
No CAPEC attack patterns related to this CWE.