Home/CWE/Improper Check for Dropped Privileges
Weakness

Improper Check for Dropped Privileges

CWE-273 · Base · Incomplete

The product attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

Extended description

If the drop fails, the product will continue to run with the raised privileges, which might provide additional access to unprivileged users.

Weakness Relationships

Where this weakness sits in the CWE hierarchy. Walk up to broader classes or down to more specific variants.
Parent of this (broader)
ChildOfCWE-271 · Privilege Dropping / Lowering Errors
ChildOfCWE-754 · Improper Check for Unusual or Exceptional Conditions
Related
PeerOfCWE-252 · Unchecked Return Value

CVEs With This Weakness

44
A sample of the 44 CVEs tagged with this weakness.
CVECVE-2026-32107
CVECVE-2026-21882
CVECVE-2025-62175
CVECVE-2025-27396
CVECVE-2025-1003
CVECVE-2024-8382
CVECVE-2024-38813
CVECVE-2024-38813
CVECVE-2024-25420
CVECVE-2024-21848
CVECVE-2023-5369
CVECVE-2023-5369
External lookups - second-class, for what we don’t hold ourselves
MITRE CWE
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin