Category: ICS Communications: Frail Security in Protocols
Incomplete
Summary
Weaknesses in this category are related to the "Frail Security in Protocols" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022: "Vulnerabilities arise as a result of mis-implementation or incomplete implementation of security in ICS implementations of communication protocols." Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1189 | Improper Isolation of Shared Resources on System-on-a-Chip (SoC) | This vulnerability occurs when a System-on-a-Chip (SoC) fails to properly separate shared hardware resources between secure (trusted) and non-secure (untrusted) components. |
| CWE-121 | Stack-based Buffer Overflow | A stack-based buffer overflow occurs when a program writes more data to a buffer located on the call stack than it can hold, corrupting adjacent memory and potentially hijacking the program's execution flow. |
| CWE-125 | Out-of-bounds Read | An out-of-bounds read occurs when software accesses memory outside the boundaries of a buffer, array, or similar data structure, reading data it wasn't intended to see. |
| CWE-1303 | Non-Transparent Sharing of Microarchitectural Resources | This vulnerability occurs when a processor's internal performance features, like caches and branch predictors, are unintentionally shared between different software contexts. This breaks the expected isolation, allowing data to leak across security boundaries. |
| CWE-1393 | Use of Default Password | This vulnerability occurs when a system or device uses a pre-configured, publicly known password for authentication, often for administrative or critical functions. |
| CWE-268 | Privilege Chaining | Privilege chaining occurs when an attacker combines two separate permissions or capabilities, neither of which is dangerous on its own, to perform a harmful action that neither permission should individually allow. |
| CWE-269 | Improper Privilege Management | This vulnerability occurs when an application fails to correctly manage user permissions, allowing someone to perform actions or access data beyond their intended authority. |
| CWE-276 | Incorrect Default Permissions | This vulnerability occurs when software installation scripts set overly permissive file or directory access rights by default. Instead of restricting write access to authorized users or processes, the installation allows unintended actors to modify, delete, or corrupt critical application files. |
| CWE-290 | Authentication Bypass by Spoofing | This weakness occurs when an application's authentication system can be tricked into accepting forged or manipulated credentials, allowing unauthorized access without proper verification. |
| CWE-306 | Missing Authentication for Critical Function | This vulnerability occurs when a software feature that performs a sensitive action or uses significant system resources does not verify the user's identity before executing. Attackers can exploit this to trigger critical functions without any credentials. |
| CWE-311 | Missing Encryption of Sensitive Data | This vulnerability occurs when an application stores or sends sensitive information without first encrypting it, leaving the data exposed. |
| CWE-312 | Cleartext Storage of Sensitive Information | This vulnerability occurs when an application stores sensitive data like passwords, credit card numbers, or personal information in plain text, without any encryption. This unsecured data is kept in files, databases, caches, or logs that could be accessed by unauthorized users or systems. |
| CWE-319 | Cleartext Transmission of Sensitive Information | This vulnerability occurs when an application sends sensitive data, such as passwords or personal information, over a network connection without using encryption. Attackers can easily intercept and read this unprotected data as it travels. |
| CWE-325 | Missing Cryptographic Step | This vulnerability occurs when a software implementation skips a critical step in a cryptographic process, resulting in security that is significantly weaker than the intended algorithm provides. |
| CWE-327 | Use of a Broken or Risky Cryptographic Algorithm | The software relies on a cryptographic algorithm or protocol that is either fundamentally flawed or considered too weak by modern security standards. |
| CWE-330 | Use of Insufficiently Random Values | This vulnerability occurs when an application uses random values that are not sufficiently unpredictable in security-sensitive operations, making them easier for attackers to guess or calculate. |
| CWE-336 | Same Seed in Pseudo-Random Number Generator (PRNG) | This vulnerability occurs when a Pseudo-Random Number Generator (PRNG) is repeatedly initialized with the same starting seed value. |
| CWE-337 | Predictable Seed in Pseudo-Random Number Generator (PRNG) | This vulnerability occurs when a Pseudo-Random Number Generator (PRNG) uses an easily guessable starting value, like the current system time or a process ID, to begin its sequence. |
| CWE-341 | Predictable from Observable State | This vulnerability occurs when an attacker can guess or deduce sensitive values, like random numbers or identifiers, by observing predictable system or network characteristics such as timestamps, process IDs, or other public information. |
| CWE-349 | Acceptance of Extraneous Untrusted Data With Trusted Data | This vulnerability occurs when a system processes both trusted and untrusted data together, but fails to separate them. The application incorrectly treats all incoming data—including the untrusted portion—with the same level of trust as the legitimate data. |
| CWE-358 | Improperly Implemented Security Check for Standard | This vulnerability occurs when software fails to correctly implement one or more critical security checks required by a standard protocol, algorithm, or security technique. |
| CWE-362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | A race condition occurs when multiple processes or threads access a shared resource simultaneously without proper coordination, creating a timing window where the resource's state can be unexpectedly altered, leading to unpredictable behavior or security vulnerabilities. |
| CWE-377 | Insecure Temporary File | This vulnerability occurs when an application creates temporary files with insecure permissions or in predictable locations, allowing attackers to read, modify, or delete sensitive data. |
| CWE-384 | Session Fixation | Session fixation occurs when an application authenticates a user without first destroying the previous session ID. This allows an attacker who knows that session identifier to hijack the user's authenticated session. |
| CWE-648 | Incorrect Use of Privileged APIs | This vulnerability occurs when software incorrectly uses functions that require special permissions. Attackers can exploit these mistakes to gain unauthorized access, elevate their privileges, or steal sensitive data. |
| CWE-787 | Out-of-bounds Write | This vulnerability occurs when software incorrectly writes data outside the boundaries of its allocated memory buffer, either beyond the end or before the beginning. |
| CWE-1358 | Weaknesses in SEI ETF Categories of Security Vulnerabilities in ICS | CWE entries in this view (graph) are associated with the Categories of Security Vulnerabilities in ICS, as published by the Securing Energy Infrastructure Executive Task Force (SEI ETF) in March 2022. Weaknesses and categories in this view are focused on issues that affect ICS (Industrial Control Systems) but have not been traditionally covered by CWE in the past due to its earlier emphasis on enterprise IT software. Note: weaknesses in this view are based on "Nearest IT Neighbor" recommendations and other suggestions by the CWE team. These relationships are likely to change in future CWE versions. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.