
CWE-266 (Incorrect Privilege Assignment) — Vulnerability Class 382

382 vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment). AI Chinese analysis included.

CWE-266 represents a critical access control weakness where software incorrectly assigns privileges to an actor, granting them an unintended sphere of control. This flaw typically arises from flawed logic in role-based or discretionary access control mechanisms, allowing users to perform actions beyond their authorized scope. Attackers exploit this by manipulating input parameters or session tokens to escalate privileges, effectively bypassing security boundaries to access sensitive data or execute administrative functions. To prevent such vulnerabilities, developers must implement robust, centralized authorization checks that verify permissions at every critical point of execution rather than relying on client-side validations. Adhering to the principle of least privilege ensures that actors receive only the minimum access necessary for their specific tasks. Rigorous code reviews and automated security testing further help identify incorrect privilege assignments before deployment, maintaining strict integrity over system resources.

MITRE CWE Description
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Common Consequences (1)
Access Control: Gain Privileges or Assume Identity
A user can access restricted functionality and/or sensitive information that may include administrative functionality and user accounts.
Mitigations (2)
Architecture and Design, Operation: Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Architecture and Design, Operation: Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database ad…
Examples (2)
The following example demonstrates the weakness.
    seteuid(0);
    /* do some stuff */
    seteuid(getuid());
Bad · C
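Contrast with an added example (not from the CWE entry or this page): the snippet above only lowers the effective uid, so the saved uid stays 0 and root can be regained at will, whereas the helper below drops real, effective and saved ids permanently, checks every return value and then verifies the result. The names drop_privileges_permanently and can_regain_root are chosen here, and Linux setuid() semantics are assumed.

```c
#define _GNU_SOURCE 1          /* exposes setgroups() on glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if the process can still become root (the drop was only
 * temporary, as in the CWE snippet), 0 if root is gone for good. */
int can_regain_root(void) {
    uid_t prev = geteuid();
    if (seteuid(0) != 0) return 0;
    (void)seteuid(prev);           /* undo the probe */
    return 1;
}

/* Permanently drop to uid/gid. Returns 0 on success, -1 with errno set.
 * Assumes Linux semantics: called with effective uid 0, setuid() rewrites
 * real, effective AND saved uid, so the change cannot be undone later. */
int drop_privileges_permanently(uid_t uid, gid_t gid) {
    /* Supplementary groups first; only a root caller may clear them. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0) return -1;
    /* Group before user, while we still hold the privilege to change it. */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    /* Do not trust the return codes: verify the result. A process that had
     * already lowered only its effective uid (saved uid still 0) fails here,
     * because an unprivileged setuid() leaves the saved uid untouched. */
    if (uid != 0 && can_regain_root()) { errno = EPERM; return -1; }
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid) { errno = EPERM; return -1; }
    return 0;
}

int main(void) {
    if (drop_privileges_permanently(getuid(), getgid()) != 0) {
        perror("drop_privileges_permanently");
        return 1;
    }
    printf("uid %u, can regain root: %s\n",
           (unsigned)geteuid(), can_regain_root() ? "yes" : "no");
    return 0;
}
```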
The following example demonstrates the weakness.
    AccessController.doPrivileged(new PrivilegedAction() {
        public Object run() {
            // privileged code goes here, for example:
            System.loadLibrary("awt");
            return null; // nothing to return
        }
    });
Bad · Java
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2025-48741 | StrangeBee TheHive Security Vulnerability | TheHive | 6.5 (AI) | Medium (AI) | 2025-05-23
CVE-2025-48695 | CyberDAVA Security Vulnerability | CyberDAVA | 6.4 | Medium | 2025-05-23
CVE-2025-4692 | ABUP IoT Cloud Platform Incorrect Privilege Assignment | ABUP IoT Cloud Platform | 6.8 | Medium | 2025-05-22
CVE-2025-47291 | containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods. | containerd | 7.7 (AI) | High (AI) | 2025-05-21
CVE-2025-39366 | WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability | wProject | 8.8 | High | 2025-05-19
CVE-2025-39405 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerability | WPAMS | 8.8 | High | 2025-05-19
CVE-2025-39459 | WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability | Real Estate 7 | 7.3 | High | 2025-05-19
CVE-2025-0135 | GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App | GlobalProtect App | 7.1 (AI) | High (AI) | 2025-05-14
CVE-2025-0131 | GlobalProtect App: Incorrect Privilege Management Vulnerability in OPSWAT MetaDefender Endpoint Security SDK | MetaDefender Endpoint Security SDK | 7.0 (AI) | High (AI) | 2025-05-14
CVE-2025-3744 | Nomad Vulnerable To Violation Of Mandatory Sentinel Policies in Nomad Job Submissions via Policy Override | Nomad Enterprise | 7.6 | High | 2025-05-13
CVE-2025-40571 | Siemens Mendix OIDC SSO Security Vulnerability | Mendix OIDC SSO (Mendix 10.12 compatible) | 2.2 | Low | 2025-05-13
CVE-2025-4374 | Quay: incorrect privilege assignment | quay | 6.5 | Medium | 2025-05-06
CVE-2025-2898 | IBM Maximo Application Suite privilege escalation | Maximo Application Suite | 7.5 | High | 2025-05-06
CVE-2025-3517 | Devolutions Server Security Vulnerability | Devolutions Server | 8.8 (AI) | High (AI) | 2025-05-01
CVE-2025-27007 | WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability | OttoKit | 9.8 | Critical | 2025-05-01
CVE-2025-2470 | Service Finder Bookings <= 5.1 - Unauthenticated Privilege Escalation via 'nsl_registration_store_extra_input' | Service Finder Bookings | 9.8 | Critical | 2025-04-25
CVE-2025-32648 | WordPress Projectopia plugin <= 5.1.24 - Privilege Escalation vulnerability | Projectopia | 9.8 | Critical | 2025-04-17
CVE-2025-39542 | WordPress Xelion Webchat plugin <= 9.1.0 - Privilege Escalation Vulnerability | Xelion Webchat | 8.8 | High | 2025-04-17
CVE-2025-23391 | Rancher: Restricted Administrator can change Administrator's passwords | rancher | 9.1 | Critical | 2025-04-11
CVE-2025-32491 | WordPress Rankology SEO – On-site SEO plugin <= 2.2.4 - Privilege Escalation Vulnerability | Rankology SEO – On-site SEO | 9.8 | Critical | 2025-04-11
CVE-2025-31524 | WordPress WP User Profiles plugin <= 2.6.2 - Privilege Escalation vulnerability | WP User Profiles | 8.8 | High | 2025-04-10
CVE-2025-32695 | WordPress Checkout Mestres WP plugin <= 8.7.5 - Privilege Escalation Vulnerability | Checkout Mestres WP | 9.8 | Critical | 2025-04-09
CVE-2025-25023 | IBM Security Guardium information disclosure | Security Guardium | 4.9 | Medium | 2025-04-09
CVE-2025-23407 | Inaba Denki Sangyo Wi-Fi AP UNIT Security Vulnerability | AC-WPS-11ac | 4.3 | Medium | 2025-04-09
CVE-2024-51800 | WordPress Homey theme <= 2.4.1 - Privilege Escalation vulnerability | Homey | 9.8 | Critical | 2025-04-04
CVE-2025-31420 | WordPress wpForo Forum plugin <= 2.4.2 - Privilege Escalation vulnerability | wpForo Forum | 7.6 | High | 2025-04-04
CVE-2025-31560 | WordPress Salon booking system plugin < 10.15 - Privilege Escalation vulnerability | Salon booking system | 7.2 | High | 2025-04-01
CVE-2025-27095 | JumpServer has a Kubernetes Token Leak Vulnerability | jumpserver | 4.3 | Medium | 2025-03-31
CVE-2025-2713 | Improper File Permission Handling in Google gVisor runsc | gVisor | 7.1 | - | 2025-03-28
CVE-2025-26512 | CVE-2025-26512 Privilege Escalation Vulnerability in SnapCenter | SnapCenter | 9.9 | Critical | 2025-03-24

Vulnerabilities classified as CWE-266 (Incorrect Privilege Assignment) represent 382 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.