BaseDraft

CWE-617Reachable Assertion

Category: other

Description

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

Common consequences· 1

  • Availability — DoS: Crash, Exit, or Restart
    An attacker that can trigger an assert statement can still lead to a denial of service if the relevant code can be triggered by an attacker, and if the scope of the assert() extends beyond the attacker's own session.

Potential mitigations· 2

  • [Implementation]Make sensitive open/close operation non reachable by directly user-controlled data (e.g. open/close resources)
  • [Implementation]Perform input validation on user data.

References

  1. https://cwe.mitre.org/data/definitions/617.html

(incoming)2

TypeTargetConfidenceTier
VulnerabilityCVE-2026-27809cve-2026-278090%live
VulnerabilityCVE-2026-31739cve-2026-317390%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Use of Potentially Dangerous Function
CWE
Incorrect Provision of Specified Functionality
CWE
Misinterpretation of Input
CWE
Exposed Dangerous Method or Function
CWE
Use of Prohibited Code
CWE
Incorrect Use of Privileged APIs
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.