Base · Draft

CWE-276: Incorrect Default Permissions

Category: authz

Description

During installation, installed file permissions are set to allow anyone to modify those files.

Common consequences · 1

  • Confidentiality / Integrity — Read Application Data, Modify Application Data

Potential mitigations · 2

  • [Architecture and Design, Operation] The architecture should restrict access and modification attributes for files to only those users who actually require those actions.
  • [Architecture and Design]

Related CAPEC attack patterns · 3

CAPEC-1, CAPEC-127, CAPEC-81

References

  1. https://cwe.mitre.org/data/definitions/276.html

Exploits (incoming) · 3

Type | Target | Confidence | Tier
AttackPattern | Directory Indexing (capec-127) | 100% | live
AttackPattern | Accessing Functionality Not Properly Constrained by ACLs (capec-1) | 100% | live
AttackPattern | Web Server Logs Tampering (capec-81) | 100% | live

Compliance frameworks addressing this (incoming) · 5

Type | Target | Confidence | Tier
ComplianceControl | nis2-art21e | 100% | live
ComplianceControl | cis_v8-4 | 100% | live
ComplianceControl | owasp_api_top10-api01 | 100% | live
ComplianceControl | ai_act-art72 | 100% | live
ComplianceControl | cra-art14 | 100% | live

(incoming) · 41

Type | Target | Confidence | Tier
Vulnerability | CVE-2025-10314 (cve-2025-10314) | 0% | live
Vulnerability | CVE-2025-24093 (cve-2025-24093) | 0% | live
Vulnerability | CVE-2025-24172 (cve-2025-24172) | 0% | live
Vulnerability | CVE-2025-24195 (cve-2025-24195) | 0% | live
Vulnerability | CVE-2025-24207 (cve-2025-24207) | 0% | live
Vulnerability | CVE-2025-24238 (cve-2025-24238) | 0% | live
Vulnerability | CVE-2025-24399 (cve-2025-24399) | 0% | live
Vulnerability | CVE-2025-24891 (cve-2025-24891) | 0% | live
Vulnerability | CVE-2025-25535 (cve-2025-25535) | 0% | live
Vulnerability | CVE-2025-27154 (cve-2025-27154) | 0% | live
Vulnerability | CVE-2025-27677 (cve-2025-27677) | 0% | live
Vulnerability | CVE-2025-27682 (cve-2025-27682) | 0% | live
Vulnerability | CVE-2025-30465 (cve-2025-30465) | 0% | live
Vulnerability | CVE-2025-32091 (cve-2025-32091) | 0% | live
Vulnerability | CVE-2025-34191 (cve-2025-34191) | 0% | live
Vulnerability | CVE-2025-35062 (cve-2025-35062) | 0% | live
Vulnerability | CVE-2025-3528 (cve-2025-3528) | 0% | live
Vulnerability | CVE-2025-40585 (cve-2025-40585) | 0% | live
Vulnerability | CVE-2025-43595 (cve-2025-43595) | 0% | live
Vulnerability | CVE-2025-43596 (cve-2025-43596) | 0% | live
Vulnerability | CVE-2025-44643 (cve-2025-44643) | 0% | live
Vulnerability | CVE-2025-46014 (cve-2025-46014) | 0% | live
Vulnerability | CVE-2025-4660 (cve-2025-4660) | 0% | live
Vulnerability | CVE-2025-48950 (cve-2025-48950) | 0% | live
Vulnerability | CVE-2025-49084 (cve-2025-49084) | 0% | live
Vulnerability | CVE-2025-54530 (cve-2025-54530) | 0% | live
Vulnerability | CVE-2025-57625 (cve-2025-57625) | 0% | live
Vulnerability | CVE-2025-60262 (cve-2025-60262) | 0% | live
Vulnerability | CVE-2025-6179 (cve-2025-6179) | 0% | live
Vulnerability | CVE-2025-62577 (cve-2025-62577) | 0% | live

Showing top 30 of 41 by confidence.

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Incorrect Execution-Assigned Permissions
  • CWE: Files or Directories Accessible to External Parties
  • CWE: Incorrect Permission Assignment for Critical Resource
  • CWE: Initialization of a Resource with an Insecure Default
  • CWE: Improper Access Control
  • CWE: Improper Ownership Management

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.