BaseIncomplete

CWE-820Missing Synchronization

Category: logic

Description

The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource. If access to a shared resource is not synchronized, then the resource may not be in a state that is expected by the product. This might lead to unexpected or insecure behaviors, especially if an attacker can influence the shared resource.

Common consequences· 1

  • Integrity / Confidentiality / Other — Modify Application Data, Read Application Data, Alter Execution Logic

References

  1. https://cwe.mitre.org/data/definitions/820.html

(incoming)1

TypeTargetConfidenceTier
VulnerabilityCVE-2025-47154cve-2025-471540%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Incorrect Synchronization
CWE
Improper Synchronization
CWE
Improper Resource Locking
CWE
Missing Lock Check
CWE
Unsynchronized Access to Shared Data in a Multithreaded Context
CWE
Use of Singleton Pattern Without Synchronization in a Multithreaded Context
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.