CWE-272: Least Privilege Violation
Weakness type: Base. Status: Incomplete.
Description
The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
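The drop-immediately-after pattern the description asks for, shown as an added C example that is not part of the CWE entry: `chroot_then_drop()` performs the privileged step, then permanently gives up root and verifies the drop is irreversible. The function names, the chroot target `/tmp` and the unprivileged ids 65534 are constructed placeholders chosen here. Run without root, the program skips `chroot()` and exercises only the drop-and-verify step against the caller's own ids.

```c
/* Added example (not from the CWE page): drop elevated privileges right after
 * a privileged operation such as chroot(), and verify the drop cannot be undone.
 * Linux/glibc; setgroups() and setuid() semantics as documented in their man pages. */
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

/* Permanently drop to target_uid/target_gid. When called as root, setgid()/setuid()
 * set the real, effective AND saved ids, so root cannot be regained later.
 * Returns 0 on success, -1 on failure with errno set. */
int drop_privileges(uid_t target_uid, gid_t target_gid)
{
    /* Supplementary groups first, while we still have CAP_SETGID. Only root may
     * call setgroups(); an unprivileged process simply keeps its own groups. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    /* Group before user: once the uid is unprivileged, setgid() would be refused. */
    if (setgid(target_gid) != 0)
        return -1;
    if (setuid(target_uid) != 0)
        return -1;
    return 0;
}

/* Verify that the real and effective ids are the expected ones and, when the
 * target is not root, that re-elevation via setuid(0) is refused with EPERM.
 * A leftover saved uid of 0 would make setuid(0) succeed, so this check also
 * catches an incomplete drop. Returns 1 when verified, 0 otherwise. */
int privileges_dropped(uid_t expect_uid, gid_t expect_gid)
{
    if (getuid() != expect_uid || geteuid() != expect_uid)
        return 0;
    if (getgid() != expect_gid || getegid() != expect_gid)
        return 0;
    if (expect_uid != 0) {
        errno = 0;
        if (setuid(0) == 0 || errno != EPERM)
            return 0;   /* root was regained: privileges were not really dropped */
    }
    return 1;
}

/* The pattern CWE-272 asks for: do the privileged step, then drop at once.
 * new_root, target_uid and target_gid are caller-chosen (hypothetical) values. */
int chroot_then_drop(const char *new_root, uid_t target_uid, gid_t target_gid)
{
    if (chroot(new_root) != 0)   /* needs CAP_SYS_CHROOT, i.e. normally root */
        return -1;
    if (chdir("/") != 0)         /* otherwise the cwd still points outside the jail */
        return -1;
    /* Elevated privilege is no longer needed: drop it before doing anything else. */
    if (drop_privileges(target_uid, target_gid) != 0)
        return -1;
    return privileges_dropped(target_uid, target_gid) ? 0 : -1;
}

int main(void)
{
    if (geteuid() == 0) {
        /* Constructed values: jail in /tmp, then drop to uid/gid 65534 ("nobody"). */
        if (chroot_then_drop("/tmp", 65534, 65534) != 0) {
            perror("chroot_then_drop");
            return 1;
        }
        puts("chroot done, privileges dropped and verified");
    } else {
        /* Unprivileged: the drop-and-verify step still runs against our own ids. */
        if (drop_privileges(getuid(), getgid()) != 0) {
            perror("drop_privileges");
            return 1;
        }
        puts(privileges_dropped(getuid(), getgid()) ? "verified" : "NOT verified");
    }
    return 0;
}
```

The order matters: supplementary groups, then gid, then uid, because each later step removes the capability the earlier one needs. The `setuid(0)` probe in `privileges_dropped()` is the check a practitioner wants after any drop, since a saved set-user-ID of 0 left behind by `seteuid()`-style code is exactly what lets a later flaw re-elevate.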
Common consequences
- Scope: Access Control, Confidentiality. Impact: Gain Privileges or Assume Identity; Read Application Data; Read Files or Directories. An attacker may be able to access resources with the elevated privilege that could not be accessed with the attacker's original privileges. This is particularly likely in conjunction with another flaw, such as a buffer overflow.
Potential mitigations
- Phase: Architecture and Design, Operation. Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.
- Phase: Architecture and Design. Follow the principle of least privilege when assigning access rights to entities in a software system.