Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-271 (特权放弃/降低错误) — Vulnerability Class 11

11 vulnerabilities classified as CWE-271 (特权放弃/降低错误). AI Chinese analysis included.

CWE-271 represents a critical privilege management weakness where an application fails to reduce its elevated permissions before transferring control of a resource to a less trusted actor. This flaw typically allows attackers to exploit the lingering high-level access by manipulating the handoff process, thereby gaining unauthorized control over sensitive system components or data that should remain restricted. By neglecting to lower privileges, developers inadvertently spread elevated rights throughout the system, creating a broader attack surface for potential compromise. To mitigate this risk, developers must implement strict privilege separation protocols, ensuring that processes drop unnecessary rights immediately after initialization and before interacting with untrusted inputs or external entities. Rigorous testing and adherence to the principle of least privilege are essential to prevent such security lapses.

MITRE CWE Description
The product does not drop privileges before passing control of a resource to an actor that does not have those privileges. In some contexts, a system executing with elevated permissions will hand off a process/file/etc. to another process or user. If the privileges of an entity are not reduced, then elevated privileges are spread throughout a system and possibly to an attacker.
Common Consequences (2)
Access ControlGain Privileges or Assume Identity
If privileges are not dropped, neither are access rights of the user. Often these rights can be prevented from being dropped.
Access Control, Non-RepudiationGain Privileges or Assume Identity, Hide Activities
If privileges are not dropped, in some cases the system may record actions as the user which is being impersonated rather than the impersonator.
Mitigations (3)
Architecture and DesignCompartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area. Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separatio…
Architecture and Design, OperationVery carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
Architecture and DesignConsider following the principle of separation of privilege. Require multiple conditions to be met before permitting access to a system resource.
Examples (1)
The following code calls chroot() to restrict the application to a subset of the filesystem below APP_HOME in order to prevent an attacker from using the program to gain unauthorized access to files located elsewhere. The code then opens a file specified by the user and processes the contents of the file.
chroot(APP_HOME); chdir("/"); FILE* data = fopen(argv[1], "r+"); ...
Bad · C
CVE IDTitleCVSSSeverityPublished
CVE-2026-35535 Sudo 安全漏洞 — Sudo 7.4 High2026-04-03
CVE-2026-25704 Incomplete privilege drop for com.system76.CosmicGreeter.GetUserData — cosmic-greeter 8.1AIHighAI2026-03-30
CVE-2025-53819 Nix's privilege dropping to build user broke for macOS — nix 7.9 High2025-07-14
CVE-2025-23395 Local root exploit via `logfile_reopen()` in screen 5.0.0 with setuid-root bit set 7.8 High2025-05-26
CVE-2024-35179 Unprivileged Stalwart Mail Server user can read files as root — mail-server 6.8 Medium2024-05-15
CVE-2024-0985 PostgreSQL non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL — PostgreSQL 8.0 High2024-02-08
CVE-2023-38496 Apptainer's ineffective privileges drop when requesting container network — apptainer 6.1 Medium2023-07-25
CVE-2023-22648 Rancher Labs Rancher 安全漏洞 — Rancher 8.0 High2023-06-01
CVE-2022-3569 Zimbra Collaboration Suite 安全漏洞 — Zimbra Collaboration Suite (ZCS) 7.8 -2022-10-17
CVE-2020-35513 Linux Kernel NFS 安全漏洞 — kernel 4.9 -2021-01-25
CVE-2019-11243 Google Kubernetes 信任管理问题漏洞 — Kubernetes 8.1 -2019-04-22

Vulnerabilities classified as CWE-271 (特权放弃/降低错误) represent 11 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.