BaseIncomplete

CWE-1269Product Released in Non-Release Configuration

Category: config

Description

The product released to market is released in pre-production or manufacturing configuration.

Common consequences· 1

  • Confidentiality / Integrity / Availability / Access Control / Accountability / Authentication / Authorization / Non-Repudiation — Other

Potential mitigations· 3

  • [Implementation]Ensure that there exists a marker for denoting the Manufacturing Complete stage and that the Manufacturing Complete marker gets updated at the Manufacturing Complete stage (i.e., the Manufacturing Complete fuse gets blown).
  • [Integration]Ensure that there exists a marker for denoting the Manufacturing Complete stage and that the Manufacturing Complete marker gets updated at the Manufacturing Complete stage (i.e., the Manufacturing Complete fuse gets blown).
  • [Manufacturing]Ensure that there exists a marker for denoting the Manufacturing Complete stage and that the Manufacturing Complete marker gets updated at the Manufacturing Complete stage (i.e., the Manufacturing Complete fuse gets blown).

Related CAPEC attack patterns· 1

CAPEC-439

References

  1. https://cwe.mitre.org/data/definitions/1269.html

Exploits (incoming)1

TypeTargetConfidenceTier
AttackPatternManipulation During Distributioncapec-439100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Inconsistency Between Implementation and Documented Design
CWE
Improper Check or Handling of Exceptional Conditions
CWE
Improper Check for Unusual or Exceptional Conditions
CWE
Active Debug Code
CWE
Improper Handling of Physical or Environmental Conditions
CWE
Excessive Attack Surface
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.