CWE-268 - Privilege Chaining

Description

Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.

Latest vulnerabilities for CWE-268

Privilege escalation in BeyondTrust Privilege Management for Windows 2025-06-17
Low Yes

Privilege escalation in Cisco Unified Communications Products 2025-05-22
Low Yes

Privilege escalation in e-Tax 2024-09-24
Low Yes

References

Description of CWE-268 on Mitre website