Insufficient Isolation of System-Dependent Functions
This weakness occurs when an application fails to separate its core logic from functions that depend on a specific operating system, hardware, or external platform. Instead of being contained in dedicated modules, these system-dependent calls are scattered throughout the codebase.
When system-specific code is intertwined with general application logic, it creates a significant maintenance burden. Porting the software to a new platform or updating dependencies becomes a complex, error-prone task of hunting down and rewriting these scattered calls. This complexity directly undermines security because it slows down the process of identifying and patching vulnerabilities, making the codebase more fragile over time. Furthermore, this lack of isolation makes it easier to accidentally introduce security flaws during maintenance or new development. Developers working on core features may inadvertently break system-dependent behavior they are not familiar with, and the effort required to test changes across all supported environments often leads to gaps in coverage. The result is a codebase where security defects can persist longer and emerge more frequently.
Impact: Reduce Maintainability