CWE-250 - Execution with Unnecessary Privileges

Description

The vulnerability leads to carring out the operations using additional privileges that increases weakness of the system. Extra privileges can suspend usual security checkings and make the system more assailable. Hightened number of resources extra privileges allows offenders to get access to it that may cause executing code, disabling services, and reading restricted data.
Thew weakness is introduced during Installation, Architecture and Design, Operation stages.

Latest vulnerabilities for CWE-250

Multiple vulnerabilities in NVIDIA Virtual GPU Manager 2024-02-29
Medium Yes

Multiple vulnerabilities in NVIDIA GPU display driver for Windows and Linux 2024-02-29
Low Yes

Multiple vulnerabilities in NVIDIA DGX Station A100 and DGX Station A800 2024-02-09
High Yes

Multiple vulnerabilities in AVEVA Operations Control Logger 2023-11-15
Low Yes

Multiple vulnerabilities in Siemens SICAM TOOLBOX II 2023-08-09
Low Yes

Multiple vulnerabilities in NVIDIA DGX A100 and DGX A800 2023-07-04
Low Yes

Two privilege escalation vulnerabilities in IBM QRadar WinCollect Agent 2023-05-31
Low Yes

Multiple vulnerabilities in Dell Unisphere for PowerMax, Dell Solutions Enabler, Dell Unisphere 360 and Dell VASA Provider 2022-11-14
Critical Yes

Privilege escalation in Junos OS Evolved ssh CLI 2022-10-21
Low Yes

Multiple vulnerabilities in Siemens Desigo PXM Devices 2022-10-12
Medium Yes

References

Description of CWE-250 on Mitre website