Incorrect Default Permissions, : Execution with... · CVE-2026-3315 · GitHub Advisory Database · GitHub

Incorrect Default Permissions, : Execution with...

Moderate severity Unreviewed Published Mar 10, 2026 to the GitHub Advisory Database • Updated May 7, 2026

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation.This issue affects Visionline: from 1.0 before 1.33.

References

Published by the National Vulnerability Database

Mar 10, 2026

Published to the GitHub Advisory Database Mar 10, 2026

Last updated May 7, 2026

Severity

Moderate

/ 10

CVSS v4 base metrics

Exploitability Metrics

Attack Vector Local

Attack Complexity Low

Attack Requirements Present

Privileges Required Low

User interaction None

Vulnerable System Impact Metrics

Confidentiality Low

Integrity High

Availability Low

Subsequent System Impact Metrics

Confidentiality Low

Integrity Low

Availability Low

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:L/U:Clear

Weaknesses

CWE-250

Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. Learn more on MITRE.

CWE-732

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. Learn more on MITRE.