Base · Draft

CWE-413: Improper Resource Locking

Category: logic

Description

The product does not lock or does not correctly lock a resource when the product must have exclusive access to the resource. When a resource is not properly locked, an attacker could modify the resource while it is being operated on by the product. This might violate the product's assumption that the resource will not change, potentially leading to unexpected behaviors.

Common consequences · 1

  • Integrity / Availability — Modify Application Data, DoS: Instability, DoS: Crash, Exit, or Restart

Potential mitigations · 2

  • [Architecture and Design] Use a non-conflicting privilege scheme.
  • [Architecture and Design, Implementation] Use synchronization when locking a resource.
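
The weakness and the synchronization mitigation, as an added example that is not part of the CWE entry: two writers increment a counter file in a fixed interleaving, first without a lock and then under an exclusive `flock()`. It assumes a Unix system; the function names and the temp-file counter are hypothetical and constructed for illustration.

```python
import fcntl
import os
import tempfile

def new_counter():
    """Constructed sample resource: a temp file holding the text "0"."""
    fd, path = tempfile.mkstemp()
    os.write(fd, b"0")
    os.close(fd)
    return path

def read_count(fd):
    return int(os.pread(fd, 32, 0) or b"0")

def write_count(fd, value):
    os.ftruncate(fd, 0)
    os.pwrite(fd, str(value).encode(), 0)

def unlocked_interleaving(path):
    """No lock: B reads before A writes back, so one increment is lost."""
    a, b = os.open(path, os.O_RDWR), os.open(path, os.O_RDWR)
    try:
        seen_a, seen_b = read_count(a), read_count(b)
        write_count(a, seen_a + 1)
        write_count(b, seen_b + 1)  # stale value overwrites A's update
        return read_count(a)
    finally:
        os.close(a)
        os.close(b)

def locked_interleaving(path):
    """Same interleaving, but each writer holds an exclusive flock()."""
    a, b = os.open(path, os.O_RDWR), os.open(path, os.O_RDWR)
    try:
        fcntl.flock(a, fcntl.LOCK_EX)
        seen_a = read_count(a)
        try:  # B's attempt while A is mid-update
            fcntl.flock(b, fcntl.LOCK_EX | fcntl.LOCK_NB)
            b_refused = False
        except BlockingIOError:
            b_refused = True
        write_count(a, seen_a + 1)
        fcntl.flock(a, fcntl.LOCK_UN)
        fcntl.flock(b, fcntl.LOCK_EX)  # granted only after A released
        write_count(b, read_count(b) + 1)
        return b_refused, read_count(b)
    finally:
        os.close(a)
        os.close(b)  # closing releases any lock still held
```

`flock()` locks are advisory: they protect the resource only if every code path that touches it takes the lock, so a single writer that skips the call reintroduces the lost update.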

References

  1. https://cwe.mitre.org/data/definitions/413.html

(incoming) · 1

Type: Vulnerability
Target: CVE-2025-3450 (cve-2025-3450)
Confidence: 0%
Tier: live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Improper Locking
  • CWE: Incorrect Synchronization
  • CWE: Missing Lock Check
  • CWE: Missing Synchronization
  • CWE: Unrestricted Externally Accessible Lock
  • CWE: Insecure Storage of Sensitive Information

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.