
CAPEC-29: Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

Abstraction: Standard
Status: Draft
Likelihood: High
Severity: High

Description

This attack targets a race condition between the time a program checks the state of a resource and the time it actually uses that resource. A typical example is file access. The adversary exploits a file access race condition by "running the race": modifying the resource in the window between the target program's check of the file and its subsequent use of the file. During that window the adversary can replace or modify the file, so the program acts on something other than what it validated, causing the application to behave unexpectedly.
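The two shapes of file access the description contrasts, as an added example that is not part of the CAPEC entry or of any MITRE code. The first function checks the path name and then opens the path name again, leaving the window the pattern describes; the second opens once, then inspects the object it actually holds through the descriptor, so check and use refer to the same inode. The temp-directory layout, the file names and the ownership check against the effective user ID are assumptions of this example; it assumes a POSIX system with a writable /tmp.

```c
/* Added example (not part of the CAPEC entry): check-then-use file access
 * beside the descriptor-based pattern that closes the race window.
 * Assumes a POSIX system; all path names below are constructed here. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Vulnerable shape (kept for contrast only): the decision is made on the
 * path name with access(), then open() resolves the same name a second
 * time.  Whatever the name points to at the second lookup is what gets
 * used, regardless of what passed the first one. */
int open_check_then_use(const char *path) {
    if (access(path, R_OK) != 0)          /* time of check: path lookup #1 */
        return -1;
    return open(path, O_RDONLY);          /* time of use:   path lookup #2 */
}

/* Hardened shape: resolve the name exactly once, then validate the object
 * behind the descriptor.  O_NOFOLLOW refuses a symbolic link at the final
 * component, and fstat() describes the inode this process holds, so a
 * later change to the directory entry cannot affect what is used. */
int open_use_then_check(const char *path) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    struct stat st;
    /* Ownership check against the effective UID is an assumed policy. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;   /* caller reads through fd and never re-opens the path */
}

/* Self-test: create a regular file and a symlink to it in a fresh temp
 * directory (constructed data), then show that the path-based variant
 * accepts the symlink while the descriptor-based variant refuses it.
 * Returns 1 on the expected outcome, 0 otherwise. */
int demo(void) {
    char dir[] = "/tmp/toctou_demo_XXXXXX";
    if (mkdtemp(dir) == NULL)
        return 0;
    char file[256], link[256];
    snprintf(file, sizeof file, "%s/config", dir);
    snprintf(link, sizeof link, "%s/link", dir);

    int fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return 0;
    if (write(fd, "key=value\n", 10) != 10) { close(fd); return 0; }
    close(fd);
    if (symlink(file, link) != 0)
        return 0;

    int ok = 1;
    /* Regular file: both variants open it. */
    int a = open_check_then_use(file);  ok &= (a >= 0);  if (a >= 0) close(a);
    int b = open_use_then_check(file);  ok &= (b >= 0);  if (b >= 0) close(b);
    /* Symlink: the path-based variant cannot tell; the fd-based one refuses. */
    int c = open_check_then_use(link);  ok &= (c >= 0);  if (c >= 0) close(c);
    int d = open_use_then_check(link);  ok &= (d < 0);

    unlink(link); unlink(file); rmdir(dir);
    return ok;
}

int main(void) {
    printf("%s\n", demo() ? "hardened open refused the symlink" : "unexpected result");
    return 0;
}
```

The defensive point is that no amount of re-checking the path name helps; the only state the program can trust is the object it already holds a descriptor to, so every later operation (fstat, read, fchmod, fchown) should take the descriptor rather than the path.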

Related weaknesses (9)

CWE-367, CWE-368, CWE-366, CWE-370, CWE-362, CWE-662, CWE-691, CWE-663, CWE-665

Related attack patterns (1)

CAPEC-26 (ChildOf)

Exploits (9)

Type     | Target                                                                                      | ID      | Confidence | Tier
Weakness | Improper Synchronization                                                                    | CWE-662 | 100%       | live
Weakness | Use of a Non-reentrant Function in a Concurrent Context                                      | CWE-663 | 100%       | live
Weakness | Insufficient Control Flow Management                                                        | CWE-691 | 100%       | live
Weakness | Race Condition within a Thread                                                               | CWE-366 | 100%       | live
Weakness | Time-of-check Time-of-use (TOCTOU) Race Condition                                            | CWE-367 | 100%       | live
Weakness | Improper Initialization                                                                     | CWE-665 | 100%       | live
Weakness | Context Switching Race Condition                                                            | CWE-368 | 100%       | live
Weakness | Missing Check for Certificate Revocation after Initial Check                                 | CWE-370 | 100%       | live
Weakness | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')  | CWE-362 | 100%       | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Leveraging Race Conditions
CWE: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC: Leveraging Race Conditions via Symbolic Links
CVE: Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability
CVE: Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
CVE: CVE-2026-4878

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.