Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE-520:.NET Misconfiguration: Use of Impersonation
Weakness ID:520
Version:v4.17
Weakness Name:.NET Misconfiguration: Use of Impersonation
Vulnerability Mapping:Allowed
Abstraction:Variant
Structure:Simple
Status:Incomplete
Likelihood of Exploit:
DetailsContent HistoryObserved CVE ExamplesReports
3Vulnerabilities found
CVE-2026-2450
Assigner-upKeeper Solutions
ShareView Details
Assigner-upKeeper Solutions
CVSS Score-7.4||HIGH
EPSS-0.02% / 6.68%
||
7 Day CHG~0.00%
Published-14 Apr, 2026 | 12:07
Updated-14 Apr, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0.

Action-Not Available
Vendor-upKeeper Solutions
Product-upKeeper Instant Privilege Access
CWE ID-CWE-520
.NET Misconfiguration: Use of Impersonation
CVE-2019-25608
Assigner-VulnCheck
ShareView Details
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-0.02% / 4.24%
||
7 Day CHG~0.00%
Published-22 Mar, 2026 | 13:38
Updated-16 Apr, 2026 | 16:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Iperius Backup 6.1.0 Privilege Escalation via Backup Job

Iperius Backup 6.1.0 contains a privilege escalation vulnerability that allows low-privilege users to execute arbitrary programs with elevated privileges by creating backup jobs. Attackers can configure backup jobs to execute malicious batch files or programs before or after backup operations, which run with the privileges of the Iperius Backup Service account (Local System or Administrator), enabling privilege escalation and arbitrary code execution.

Action-Not Available
Vendor-Iperius
Product-Iperius Backup
CWE ID-CWE-520
.NET Misconfiguration: Use of Impersonation
CVE-2024-46943
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.27% / 50.31%
||
7 Day CHG~0.00%
Published-15 Sep, 2024 | 00:00
Updated-14 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information.

Action-Not Available
Vendor-opendaylightn/aopendaylight
Product-authentication\,_authorization_and_accountingn/aaaa
CWE ID-CWE-520
.NET Misconfiguration: Use of Impersonation