Incorrect Permission Assignment for Critical Resource

The software is used for allowing or prohibiting unintended users to read or modify security-critical resource. If the permission was given to more actors than it was needed, attackers can modify that resource and obtain potentially sensitive information. The weakness is the most dangerous when the resource is connected with configuration or execution of the programs or sensitive data and allows malicious users to modify and delete critical information from the target resource.
The vulnerabiity is introduced during Architecture and Design, Implementation, Installation, Operation stages.