Variant weakness
Draft
CWE-453: Insecure Default Variable Initialization
The product, by default, initializes an internal variable with an insecure or less secure value than is possible.
15
Recorded CVEs
With this primary weakness
0
KEVs
In the CISA KEV catalog
Not rated
Likelihood of exploit
Per MITRE
Variant
Abstraction
MITRE classification
Overview
CWE-453 (Insecure Default Variable Initialization) is a variant-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.