CWE-277: Insecure Inherited Permissions
low-riskA product defines a set of insecure permissions that are inherited by objects that are created by the program.
Abstraction: Variant
Common Consequences
Confidentiality
→
Read Application Data
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2023-27842 | 8.8 | 35.6% | — |
| CVE-2024-36539 | 9.8 | 14.0% | — |
| CVE-2024-34329 | 8.4 | 8.0% | — |
| CVE-2024-42681 | 8.8 | 1.8% | — |
| CVE-2024-6605 | 8.8 | 0.6% | — |
| CVE-2021-41170 | 9.8 | 0.5% | — |
| CVE-2021-32725 | 3.5 | 0.3% | — |
| CVE-2024-36540 | 9.8 | 0.3% | — |
| CVE-2025-22448 | 6.1 | 0.2% | — |
| CVE-2024-41601 | 7.5 | 0.2% | — |
2
/ 100
low-risk
Active Threat
2/50 · Minimal
Exploit Availability
0/50 · Minimal