CWE-508: Non-Replicating Malicious Code
Non-replicating malicious code only resides on the target system or product that is attacked; it does not attempt to spread to other systems.
Last updated
Overview
CWE-508 (Non-Replicating Malicious Code) is a base-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Common consequences
What can happen when CWE-508 is exploited.
Execute Unauthorized Code or Commands
Affects: Confidentiality, Integrity, Availability
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
How to prevent it
Practical mitigations for CWE-508, grouped by where in the lifecycle they apply.
Antivirus software can help mitigate known malicious code.