CWE-669: Incorrect Resource Transfer Between Spheres
The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.
Last updated
Overview
CWE-669 (Incorrect Resource Transfer Between Spheres) is a class-level software weakness catalogued by MITRE in the Common Weakness Enumeration (CWE). It describes a recurring type of mistake that can lead to exploitable security vulnerabilities.
Background
A "control sphere" is a set of resources and behaviors that are accessible to a single actor, or a group of actors. A product's security model will typically define multiple spheres, possibly implicitly. For example, a server might define one sphere for "administrators" who can create new user accounts with subdirectories under /home/server/, and a second sphere might cover the set of users who can create or delete files within their own subdirectories. A third sphere might be "users who are authenticated to the operating system on which the product is installed." Each sphere has different sets of actors and allowable behaviors.
Real-world CVEs
57 recorded CVEs are caused by CWE-669 (Incorrect Resource Transfer Between Spheres), including 1 in CISA's KEV (Known Exploited Vulnerabilities) catalog. KEVs are shown first. 25 new CWE-669 CVEs have been recorded so far in 2026 (17 in 2025).