UnsafeDaclSecurityDescriptor

Setting a DACL to NULL in a SECURITY_DESCRIPTOR will result in an unprotected object. If the DACL that belongs to the security descriptor of an object is set to NULL, a null DACL is created. A null DACL grants full access to any user who requests it; normal security checking is not performed with respect to the object.
Checks
ControlFlow
Activity
Data
Detects
CWE732