CWE · MITRE source
CWE-273Improper Check for Dropped Privileges
The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
If the drop fails, the product will continue to run with the raised privileges, which might provide additional access to unprivileged users.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2011-2921 | 6.3 | 9.8 | 0.7298 | 2019-11-19 |
CVE-2024-38813 KEV | 5.3 | 7.5 | 0.2953 | 2024-09-17 |
CVE-2019-18276 | 4.6 | 7.8 | 0.5022 | 2019-11-28 |
CVE-2017-6972 | 3.1 | 9.8 | 0.1906 | 2017-03-22 |
CVE-2012-1187 | 2.0 | 9.8 | 0.0043 | 2019-10-29 |
CVE-2011-3350 | 2.0 | 9.8 | 0.0039 | 2019-11-19 |
CVE-2020-24361 | 2.0 | 9.8 | 0.0057 | 2020-08-16 |
CVE-2021-36372 | 2.0 | 9.8 | 0.0046 | 2021-11-19 |
CVE-2023-34844 | 2.0 | 9.8 | 0.0013 | 2023-06-29 |
CVE-2020-14298 | 1.8 | 8.8 | 0.0013 | 2020-07-13 |
CVE-2020-14300 | 1.8 | 8.8 | 0.0027 | 2020-07-13 |
CVE-2024-8382 | 1.8 | 8.8 | 0.0027 | 2024-09-03 |
CVE-2025-27396 | 1.8 | 8.8 | 0.0105 | 2025-03-11 |
CVE-2026-32107 | 1.8 | 8.8 | 0.0002 | 2026-04-17 |
CVE-2026-21882 | 1.7 | 8.4 | 0.0002 | 2026-03-02 |
CVE-2006-2916 | 1.6 | 7.8 | 0.0014 | 2006-06-15 |
CVE-2018-16466 | 1.6 | 8.1 | 0.0013 | 2018-10-30 |
CVE-2018-8599 | 1.6 | 7.8 | 0.0043 | 2018-12-12 |
CVE-2019-20044 | 1.6 | 7.8 | 0.0007 | 2020-02-24 |
CVE-2022-0358 | 1.6 | 7.8 | 0.0004 | 2022-08-29 |
CVE-2023-35692 | 1.6 | 7.8 | 0.0001 | 2023-07-14 |
CVE-2023-34322 | 1.6 | 7.8 | 0.0006 | 2024-01-05 |
CVE-2024-25420 | 1.5 | 7.2 | 0.0162 | 2024-03-26 |
CVE-2023-5369 | 1.4 | 7.1 | 0.0008 | 2023-10-04 |
CVE-2019-14879 | 1.1 | 5.4 | 0.0021 | 2020-01-07 |