PillarDraft

CWE-682Incorrect Calculation

Category: other

Description

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management. When product performs a security-critical calculation incorrectly, it might lead to incorrect resource allocations, incorrect privilege assignments, or failed comparisons among other things. Many of the direct results of an incorrect calculation can lead to even larger problems such as failed protection mechanisms or even arbitrary code execution.

Common consequences· 4

  • Availability — DoS: Crash, Exit, or Restart
    If the incorrect calculation causes the program to move into an unexpected state, it may lead to a crash or impairment of service.
  • Integrity / Confidentiality / Availability — DoS: Crash, Exit, or Restart, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands
    If the incorrect calculation is used in the context of resource allocation, it could lead to an out-of-bounds operation (CWE-119) leading to a crash or even arbitrary code execution. Alternatively, it may result in an integer overflow (CWE-190) and / or a resource consumption problem (CWE-400).
  • Access Control — Gain Privileges or Assume Identity
    In the context of privilege or permissions assignment, an incorrect calculation can provide an attacker with access to sensitive resources.
  • Access Control — Bypass Protection Mechanism
    If the incorrect calculation leads to an insufficient comparison (CWE-697), it may compromise a protection mechanism such as a validation routine and allow an attacker to bypass the security-critical code.

Potential mitigations· 5

  • [Implementation]Understand your programming language's underlying representation and how it interacts with numeric calculation. Pay close attention to byte size discrepancies, precision, signed/unsigned distinctions, truncation, conversion and casting between types, "not-a-number" calculations, and how your language handles numbers that are too large or too small for its underlying representation.
  • [Implementation]Perform input validation on any numeric input by ensuring that it is within the expected range. Enforce that the input meets both the minimum and maximum requirements for the expected range.
  • [Implementation]Use the appropriate type for the desired action. For example, in C/C++, only use unsigned types for values that could never be negative, such as height, width, or other numbers related to quantity.
  • [Architecture and Design]
  • [Architecture and Design]

Related CAPEC attack patterns· 2

CAPEC-128CAPEC-129

References

  1. https://cwe.mitre.org/data/definitions/682.html

Exploits (incoming)2

TypeTargetConfidenceTier
AttackPatternPointer Manipulationcapec-129100%live
AttackPatternInteger Attackscapec-128100%live

(incoming)3

TypeTargetConfidenceTier
VulnerabilityCVE-2025-5372cve-2025-53720%live
VulnerabilityCVE-2026-1229cve-2026-12290%live
VulnerabilityCVE-2026-28410cve-2026-284100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Integer Overflow or Wraparound
CWE
Operator Precedence Logic Error
CWE
Inefficient Algorithmic Complexity
CWE
Unsigned to Signed Conversion Error
CWE
Misinterpretation of Input
CWE
Integer Overflow to Buffer Overflow
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.