BaseIncomplete

CWE-510Trapdoor

Category: other

Description

A trapdoor is a hidden piece of code that responds to a special input, allowing its user access to resources without passing through the normal security enforcement mechanism.

Common consequences· 1

  • Confidentiality / Integrity / Availability / Access Control — Execute Unauthorized Code or Commands, Bypass Protection Mechanism

Potential mitigations· 2

  • [Installation]Always verify the integrity of the software that is being installed.
  • [Testing]Identify and closely inspect the conditions for entering privileged areas of the code, especially those related to authentication, process invocation, and network communications.

References

  1. https://cwe.mitre.org/data/definitions/510.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Embedded Malicious Code
CWE
Covert Channel
CWE
Uncaught Exception
CWE
Process Control
CAPEC
Code Injection
CWE
Protection Mechanism Failure
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.