CAPEC-26: Leveraging Race Conditions

Abstraction: Meta
Status: Stable
Likelihood: High
Severity: High

Description

The adversary targets a race condition occurring when multiple processes access and manipulate the same resource concurrently, and the outcome of the execution depends on the particular order in which the access takes place. The adversary can leverage a race condition by "running the race", modifying the resource and modifying the normal execution flow. For instance, a race condition can occur while accessing a file: the adversary can trick the system by replacing the original file with their version and cause the system to read the malicious file.

Related weaknesses · 12

CWE-368, CWE-363, CWE-366, CWE-370, CWE-362, CWE-662, CWE-689, CWE-667, CWE-665, CWE-1223, CWE-1254, CWE-1298

Exploits · 12

Type | Target | Confidence | Tier
Weakness | Improper Synchronization (cwe-662) | 100% | live
Weakness | Race Condition within a Thread (cwe-366) | 100% | live
Weakness | Permission Race Condition During Resource Copy (cwe-689) | 100% | live
Weakness | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (cwe-362) | 100% | live
Weakness | Context Switching Race Condition (cwe-368) | 100% | live
Weakness | Race Condition Enabling Link Following (cwe-363) | 100% | live
Weakness | Improper Locking (cwe-667) | 100% | live
Weakness | Race Condition for Write-Once Attributes (cwe-1223) | 100% | live
Weakness | Hardware Logic Contains Race Conditions (cwe-1298) | 100% | live
Weakness | Missing Check for Certificate Revocation after Initial Check (cwe-370) | 100% | live
Weakness | Incorrect Comparison Logic Granularity (cwe-1254) | 100% | live
Weakness | Improper Initialization (cwe-665) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC: Leveraging Race Conditions via Symbolic Links
CAPEC: Shared Resource Manipulation
CAPEC: File Manipulation
CAPEC: Force Use of Corrupted Files
CAPEC: Hijacking a Privileged Thread of Execution

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.