
CWE-379 (Creation of Temporary File in Directory with Incorrect Permissions) — Vulnerability Class 43

43 vulnerabilities classified as CWE-379 (Creation of Temporary File in Directory with Incorrect Permissions). AI-generated Chinese analysis included.

CWE-379 represents a critical input validation weakness where applications create temporary files in directories with overly permissive access controls. This flaw allows unintended actors to detect the file’s existence or manipulate its contents, potentially revealing sensitive application logic or user data. Attackers typically exploit this by monitoring the directory for new files, then employing race conditions or symbolic link attacks to redirect the application’s write operations to malicious targets. To mitigate this risk, developers must enforce strict file permissions, ensuring that only the creating process can access the temporary file. Utilizing secure system calls that automatically set restrictive permissions upon creation, such as O_CREAT with mode 0600, is essential. Additionally, storing temporary files in isolated, private directories further reduces the attack surface and prevents unauthorized visibility or interference.

MITRE CWE Description
The product creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file. On some operating systems, the fact that the temporary file exists may be apparent to any user with sufficient privileges to access that directory. Since the file is visible, the application that is using the temporary file could be known. If one has access to list the processes on the system, the attacker has gained information about what the user is doing at that time. By correlating this with the applications the user is running, an attacker could potentially discover what a user's actions are. From this, higher levels of security could be breached.
Common Consequences (1)
Scope: Confidentiality. Impact: Read Application Data.
Since the file is visible and the application which is using the temp file could be known, the attacker has gained information about what the user is doing at that time.

Mitigations (3)
Phase: Requirements. Many contemporary languages have functions which properly handle this condition. Older C temp file functions are especially susceptible.
Phase: Implementation. Try to store sensitive temp files in a directory which is not world readable, i.e., per-user directories.
Phase: Implementation. Avoid using vulnerable temp file functions.
Examples (1)
In the following code examples a temporary file is created and written to. After using the temporary file, the file is closed and deleted from the file system. Both are labelled Bad: each creates the file in the shared system temporary directory with whatever default permissions that directory and the library give it, so other local users may be able to see or reach it.

Bad · C

```c
#include <stdio.h>

FILE *stream;
/* tmpfile() creates the file in the shared temp directory; the caller has
 * no control over where it lives or which permissions it receives */
if ((stream = tmpfile()) == NULL) {
    perror("Could not open new temporary file\n");
    return (-1);
}
// write data to tmp file
...
// remove tmp file (rmtmp() is the Microsoft CRT helper used in the CWE example)
rmtmp();
```

Bad · Java

```java
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;

try {
    // created in the system temp directory (java.io.tmpdir) with default permissions
    File temp = File.createTempFile("pattern", ".suffix");
    temp.deleteOnExit();
    BufferedWriter out = new BufferedWriter(new FileWriter(temp));
    out.write("aString");
    out.close();
} catch (IOException e) {
    // the I/O failure is silently swallowed
}
```
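As an added example (not code from the CWE page, MITRE or any listed vendor), here is a hardened counterpart in C to the Bad examples above that applies the mitigations listed: a private 0700 directory from mkdtemp(3), a file opened with O_CREAT|O_EXCL|O_NOFOLLOW and mode 0600, and an fstat-based check a reviewer can run against any temporary file descriptor. The base directory argument, the `cwe379-` prefix and the `data.tmp` file name are assumptions of this example.

```c
#define _GNU_SOURCE /* expose mkdtemp(3) and O_NOFOLLOW on glibc */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hardened counterpart to the "Bad" C example above: data.tmp inside a fresh
 * 0700 directory <base>/cwe379-XXXXXX; dir receives that path. fd or -1. */
int create_private_tempfile(const char *base, char *dir, size_t dir_len)
{
    char path[4096]; /* assumed path buffer size for this example */
    if (snprintf(dir, dir_len, "%s/cwe379-XXXXXX", base) >= (int)dir_len)
        return -1;
    /* mkdtemp creates the directory with mode 0700 regardless of umask, so
     * other users cannot even list the file's existence (the CWE-379 issue). */
    if (mkdtemp(dir) == NULL)
        return -1;
    if (snprintf(path, sizeof path, "%s/data.tmp", dir) >= (int)sizeof path) {
        rmdir(dir);
        return -1;
    }
    /* O_EXCL: fail if anything already sits at the path; O_NOFOLLOW: refuse a
     * pre-planted symlink; 0600: umask can only narrow this, never widen it. */
    int fd = open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW, S_IRUSR | S_IWUSR);
    if (fd < 0)
        rmdir(dir);
    return fd;
}

/* Check for any open temp fd: 1 if it is a regular file with no group/other
 * permission bits, else 0. Uses fstat on the fd, not stat on a path. */
int is_owner_only_regular(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0)
        return 0;
    return S_ISREG(st.st_mode) && (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

/* Close and unlink data.tmp, then remove the private directory. 0 on success. */
int remove_private_tempfile(int fd, const char *dir)
{
    char path[4096];
    close(fd);
    if (snprintf(path, sizeof path, "%s/data.tmp", dir) >= (int)sizeof path) return -1;
    return unlink(path) != 0 ? -1 : rmdir(dir);
}
```

The fstat check is the one to keep in code review and in tests: it inspects the descriptor actually being written to, so a symlink or a file swapped in at the path cannot pass it.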
| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2019-25677 | WinRAR 5.61 Denial of Service via Malformed Language File | WinRAR | 6.2 | Medium | 2026-04-05 |
| CVE-2025-10279 | Privilege Escalation in mlflow/mlflow | mlflow/mlflow | 7.0 (AI) | High (AI) | 2026-02-02 |
| CVE-2025-71176 | Pytest Security Vulnerability | pytest | 6.8 | Medium | 2026-01-22 |
| CVE-2025-64896 | Creative Cloud Desktop \| Creation of Temporary File in Directory with Incorrect Permissions (CWE-379) | Creative Cloud Desktop | 5.5 | Medium | 2025-12-09 |
| CVE-2025-33111 | IBM Controller Information Disclosure | Controller | 4.3 | Medium | 2025-12-08 |
| CVE-2024-7562 | Flexera InstallShield Security Vulnerability | InstallShield | 7.8 (AI) | High (AI) | 2025-06-12 |
| CVE-2025-21162 | Photoshop Elements \| Creation of Temporary File in Directory with Incorrect Permissions (CWE-379) | Photoshop Elements | 5.5 | Medium | 2025-02-11 |
| CVE-2025-21173 | .NET Elevation of Privilege Vulnerability | .NET 8.0 | 7.3 | High | 2025-01-14 |
| CVE-2024-9950 | Abuse of Unauthenticated Compliance Recheck in SecureConnector | SecureConnector | 6.2 | - | 2025-01-02 |
| CVE-2024-9500 | Autodesk ADP Desktop SDK Privilege Escalation Vulnerability | Installer | 7.8 | High | 2024-11-15 |
| CVE-2023-6080 | Privilege Escalation to SYSTEM in Lakeside Software Installer | SysTrack LsiAgent Installer | 7.8 | - | 2024-10-18 |
| CVE-2023-38533 | Siemens TIA Administrator Security Vulnerability | TIA Administrator | 3.3 | Low | 2024-06-11 |
| CVE-2024-24693 | Zoom Rooms Client for Windows - Improper Access Control | Zoom Rooms Client for Windows | 7.2 | High | 2024-03-13 |
| CVE-2023-3181 | Insecure Permissions in Splashtop Software Updater | Splashtop Software Updater | 7.8 | High | 2024-01-25 |
| CVE-2023-49797 | Local Privilege Escalation in pyinstaller on Windows | pyinstaller | 8.8 | High | 2023-12-09 |
| CVE-2023-3972 | Insights-client: unsafe handling of temporary files and directories | Red Hat Enterprise Linux 7 | 7.8 | High | 2023-11-01 |
| CVE-2023-37243 | Atera Agent Package Availability Security Vulnerability | Atera Agent Package Availability | 7.8 | High | 2023-10-31 |
| CVE-2023-32450 | Dell Power Manager Security Vulnerability | Dell Power Manager (DPM) | 6.1 | Medium | 2023-07-27 |
| CVE-2023-26396 | Adobe Acrobat Reader DC for macOS installer (AcroRdrDC_2200220191_MUI.pkg) contains a local privilege escalation vulnerability. | Acrobat Reader | 7.8 | High | 2023-04-12 |
| CVE-2023-21612 | Adobe Acrobat Reader Creation of Temporary File in Directory with Incorrect Permissions Privilege escalation | Acrobat Reader | 7.8 | High | 2023-01-18 |
| CVE-2023-21611 | Adobe Acrobat Reader Creation of Temporary File in Directory with Incorrect Permissions Privilege escalation | Acrobat Reader | 7.8 | High | 2023-01-18 |
| CVE-2022-23950 | Keylime Security Vulnerability | keylime | 6.5 | - | 2022-09-21 |
| CVE-2021-40776 | Adobe Lightroom Classic DLL Hijacking Local Privilege Escalation Vulnerability | Lightroom Classic | 6.1 | Medium | 2022-06-15 |
| CVE-2022-23163 | Dell Technologies Dell PowerScale OneFS Security Vulnerability | PowerScale OneFS | 4.7 | Medium | 2022-04-12 |
| CVE-2021-43017 | Adobe Creative Cloud DLL Hijacking Local Application Denial of Service | GoCart | 4.2 | Medium | 2021-11-18 |
| CVE-2021-40708 | Adobe Genuine Service Installer Privilege Escalation Vulnerability | GoCart | 7.3 | High | 2021-09-29 |
| CVE-2021-39828 | Adobe Digital Editions Installer flaw leads to Local Privilege Escalation | Digital Editions | 5.8 | Medium | 2021-09-27 |
| CVE-2021-39827 | Adobe Digital Editions Installer flaw leads to Arbitrary File System Write | Digital Editions | 6.5 | Medium | 2021-09-27 |
| CVE-2021-28613 | Adobe Creative Cloud Arbitrary File Overwrite Vulnerability | Creative Cloud (desktop component) | 7.4 | High | 2021-09-27 |
| CVE-2021-28568 | Adobe Genuine Services insecure file permission could lead to privilege escalation | GoCart | 5.8 | Medium | 2021-09-08 |

Scores and severities marked (AI) are AI-estimated values rather than published CVSS ratings.

Vulnerabilities classified as CWE-379 (Creation of Temporary File in Directory with Incorrect Permissions) represent 43 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.