This weakness describes software that is vulnerable to infection by self-replicating malicious programs like viruses or worms. Once such malware compromises a system, it can use that system as a launchpad to automatically spread and attack others.
This vulnerability isn't about a single bug in your code, but about the overall environment your software creates. If your application has security flaws—like allowing arbitrary code execution or failing to validate inputs—it can become an unwitting host. Once malware exploits these flaws to gain a foothold, it leverages the compromised system's resources and network access to seek out and infect new targets, turning your software into a vector for a larger attack.
For developers, the focus should be on building robust defenses that prevent initial compromise. This means rigorously implementing standard security practices: validating all inputs, enforcing the principle of least privilege, keeping components updated, and using anti-malware tools. By eliminating the entry points that malware exploits, you break the replication chain and protect not only your own system but also others on the network from becoming the next victim.
Impact: Execute Unauthorized Code or Commands