Base · Incomplete

CWE-733: Compiler Optimization Removal or Modification of Security-critical Code

Category: other

Description

The developer builds a security-critical protection mechanism into the software, but the compiler optimizes the program such that the mechanism is removed or modified.

Common consequences · 1

  • Access Control / Other — Bypass Protection Mechanism, Alter Execution Logic

Related CAPEC attack patterns · 5

CAPEC-10, CAPEC-24, CAPEC-46, CAPEC-8, CAPEC-9

References

  1. https://cwe.mitre.org/data/definitions/733.html

Exploits (incoming) · 5

| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Overflow Variables and Tags (capec-46) | 100% | live |
| AttackPattern | Filter Failure through Buffer Overflow (capec-24) | 100% | live |
| AttackPattern | Buffer Overflow in Local Command-Line Utilities (capec-9) | 100% | live |
| AttackPattern | Buffer Overflow in an API Call (capec-8) | 100% | live |
| AttackPattern | Buffer Overflow via Environment Variables (capec-10) | 100% | live |

(incoming) · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-13024 (cve-2025-13024) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Processor Optimization Removal or Modification of Security-critical Code
  • CWE: Compiler Removal of Code to Clear Buffers
  • CWE: Insecure Automated Optimizations
  • CWE: Compilation with Insufficient Warnings or Errors
  • CWE: Stack-based Buffer Overflow
  • CWE: Process Control

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.