Improper Access Control
| Property | |
|---|---|
| Language | solidity |
| Severity |  |
| CWE | CWE-284: Improper Access Control |
| Confidence Level | Low |
| Impact Level | High |
| Likelihood Level | High |
Description#
The transferOwnership function is publicly accessible without proper access control, allowing anyone to change the contract’s owner. This means unauthorized users can take ownership of the contract.
Impact#
If exploited, an attacker could seize control of the smart contract, potentially transferring funds, modifying critical settings, or locking out legitimate owners. This could lead to total loss of assets and trust in the contract.