SYM_SOL_0025 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Improper Access Control
| Property | Value |
|---|---|
| Language | solidity |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| Confidence Level | Low |
| Impact Level | High |
| Likelihood Level | High |
Description
The transferOwnership function is publicly accessible without proper access control, allowing anyone to change the contract's owner. This means unauthorized users can take ownership of the contract.
Impact
If exploited, an attacker could seize control of the smart contract, potentially transferring funds, modifying critical settings, or locking out legitimate owners. This could lead to total loss of assets and trust in the contract.