Variant · Draft

CWE-279: Incorrect Execution-Assigned Permissions

Category: authz

Description

While it is executing, the product sets the permissions of an object in a way that violates the intended permissions that have been specified by the user.

Common consequences · 1

  • Confidentiality / Integrity — Read Application Data, Modify Application Data

Potential mitigations · 2

  • [Architecture and Design, Operation] Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
  • [Architecture and Design]

Related CAPEC attack patterns · 1

CAPEC-81

References

  1. https://cwe.mitre.org/data/definitions/279.html

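Exploits (incoming) · 1

| Type | Target | ID | Confidence | Tier |
|---|---|---|---|---|
| AttackPattern | Web Server Logs Tampering | capec-81 | 100% | live |

(incoming) · 2

| Type | Target | ID | Confidence | Tier |
|---|---|---|---|---|
| Vulnerability | CVE-2025-14025 | cve-2025-14025 | 0% | live |
| Vulnerability | CVE-2025-58437 | cve-2025-58437 | 0% | live |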

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Improper Ownership Management
  • CWE: Incorrect Privilege Assignment
  • CWE: Improper Handling of Insufficient Permissions or Privileges
  • CWE: Incorrect Permission Assignment for Critical Resource
  • CWE: Improper Authorization
  • CWE: Incorrect User Management

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.