CWE-693: Protection Mechanism Failure

Description

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Extended Description

This weakness covers three distinct situations. A "missing" protection mechanism occurs when the application does not define any mechanism against a certain class of attack. An "insufficient" protection mechanism might provide some defenses - for example, against the most common attacks - but it does not protect against everything that is intended. Finally, an "ignored" mechanism occurs when a mechanism is available and in active use within the product, but the developer has not applied it in some code path.

ThreatScore

Threat Mapped score: 0.0

Industry: Finiancial

Threat priority: Unclassified

Observed Examples (CVEs)

No observed examples available.

Related Attack Patterns (CAPEC)

Attack TTPs

T1040 — Network Sniffing (credential-access, discovery)
T1611 — Escape to Host (privilege-escalation)
T1574.005 — Executable Installer File Permissions Weakness (persistence, privilege-escalation, defense-evasion)
T1083 — File and Directory Discovery (discovery)
T1574.010 — Services File Permissions Weakness (persistence, privilege-escalation, defense-evasion)
T1565.002 — Transmitted Data Manipulation (impact)

Malware

APTs (Intrusion Sets)

Modes of Introduction

Phase	Note
Architecture and Design	N/A
Implementation	N/A
Operation	N/A

Common Consequences

Impact: Bypass Protection Mechanism — Notes:

Potential Mitigations

None listed.

Applicable Platforms

None (Not Language-Specific, Undetermined)

Demonstrative Examples

N/A

Notes

Research Gap: The concept of protection mechanisms is well established, but protection mechanism failures have not been studied comprehensively. It is suspected that protection mechanisms can have significantly different types of weaknesses than the weaknesses that they are intended to prevent.

← Back to CWE list