BaseIncomplete

CWE-924Improper Enforcement of Message Integrity During Transmission in a Communication Channel

Category: other

Description

The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission. Attackers might be able to modify the message and spoof the endpoint by interfering with the data as it crosses the network or by redirecting the connection to a system under their control.

Common consequences· 1

  • Integrity / Confidentiality — Gain Privileges or Assume Identity
    If an attackers can spoof the endpoint, the attacker gains all the privileges that were intended for the original endpoint.

References

  1. https://cwe.mitre.org/data/definitions/924.html

(incoming)2

TypeTargetConfidenceTier
VulnerabilityCVE-2025-0592cve-2025-05920%live
VulnerabilityCVE-2025-29628cve-2025-296280%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Neutralization
CWE
Improper Validation of Integrity Check Value
CWE
Channel Accessible by Non-Endpoint
CWE
Improper Restriction of Communication Channel to Intended Endpoints
CWE
Improper Verification of Source of a Communication Channel
CWE
Cleartext Transmission of Sensitive Information
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.