- What is CWE-250?
- The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
- What CVEs are caused by CWE-250?
- 312 recorded CVEs are attributed to CWE-250, including CVE-2025-40602, CVE-2026-4606, CVE-2025-32445. 1 are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- How do you prevent CWE-250?
- Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.
- How is CWE-250 detected?
- Manual Analysis: This weakness can be detected using tools and techniques that require manual (human) analysis, such as penetration testing, threat modeling, and interactive tools that allow the tester to record and modify an active session.
- What are the consequences of CWE-250?
- Exploiting CWE-250 can lead to: Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands, Read Application Data, DoS: Crash, Exit, or Restart.
- Is CWE-250 actively exploited?
- Yes. 1 CWE-250 vulnerabilities are in CISA's KEV catalog of actively exploited flaws, out of 312 recorded CVEs.