Base · Incomplete

CWE-824: Access of Uninitialized Pointer

Category: memory

Description

The product accesses or uses a pointer that has not been initialized.

Common consequences · 3

  • Confidentiality — Read Memory
    If the uninitialized pointer is used in a read operation, an attacker might be able to read sensitive portions of memory.
  • Availability — DoS: Crash, Exit, or Restart
    If the uninitialized pointer references a memory location that is not accessible to the product, or points to a location that is "malformed" (such as NULL) or larger than expected by a read or write operation, then a crash may occur.
  • Integrity / Confidentiality / Availability — Execute Unauthorized Code or Commands
    If the uninitialized pointer is used in a function call, or points to unexpected data in a write operation, then code execution may be possible.
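The pattern behind these consequences often comes from an out-parameter that a callee sets only on success. The following C sketch is an added example, not part of the CWE entry: it shows that pattern beside a hardened form. All names (find_user_weak, find_user, name_len, SHOW_VULNERABLE) and the sample data are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct user { int id; const char *name; };

/* Constructed sample data for this example. */
static const struct user USERS[] = { {1, "alice"}, {2, "bob"} };

/* Weak callee: writes *out only when the id is found. */
static int find_user_weak(int id, const struct user **out) {
    for (size_t i = 0; i < sizeof USERS / sizeof USERS[0]; i++)
        if (USERS[i].id == id) { *out = &USERS[i]; return 0; }
    return -1; /* *out is left untouched on this path */
}

/* Not compiled by default: calling this with an unknown id is undefined behaviour. */
#ifdef SHOW_VULNERABLE
/* CWE-824: u is never initialized and the return code is ignored, so for an
 * unknown id the dereference uses whatever value was left on the stack. */
size_t name_len_vulnerable(int id) {
    const struct user *u;
    find_user_weak(id, &u);
    return strlen(u->name);
}
#endif

/* Hardened callee: gives *out a defined value on every path. */
static int find_user(int id, const struct user **out) {
    *out = NULL;
    return find_user_weak(id, out);
}

/* Hardened caller: initializes the pointer, checks the result before use. */
int name_len(int id, size_t *len) {
    const struct user *u = NULL;
    *len = 0;
    if (find_user(id, &u) != 0 || u == NULL)
        return -1; /* fail closed instead of dereferencing */
    *len = strlen(u->name);
    return 0;
}

int main(void) {
    size_t n;
    int rc = name_len(2, &n);
    printf("id 2: rc=%d len=%zu\n", rc, n);
    rc = name_len(7, &n);
    printf("id 7: rc=%d len=%zu\n", rc, n);
    return 0;
}
```

Building with compiler warnings for uninitialized variables enabled, or running the vulnerable variant under a memory sanitizer, is a common way to surface the first form during testing.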

References

  1. https://cwe.mitre.org/data/definitions/824.html

(incoming) · 5

Type           Target                                                                                   Confidence  Tier
Vulnerability  CVE-2025-32451 (cve-2025-32451)                                                          0%          live
Vulnerability  CVE-2025-66588 (cve-2025-66588)                                                          0%          live
Vulnerability  CVE-2026-2785 (cve-2026-2785)                                                            0%          live
Vulnerability  CVE-2026-2805 (cve-2026-2805)                                                            0%          live
KEVEntry       Microsoft Windows Runtime Remote Code Execution Vulnerability (kev-cve-2022-21971)       0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: NULL Pointer Dereference
  • CWE: Use of Uninitialized Resource
  • CWE: Access of Resource Using Incompatible Type ('Type Confusion')
  • CWE: Missing Initialization of a Variable
  • CWE: Unchecked Return Value to NULL Pointer Dereference
  • CWE: Use of Out-of-range Pointer Offset

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.