CWE-695: Use of Low-Level Functionality

The product uses low-level functionality that is explicitly prohibited by the framework or specification under which the product is supposed to operate.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

The use of low-level functionality can violate the specification in unexpected ways that effectively disable built-in protection mechanisms, introduce exploitable inconsistencies, or otherwise expose the functionality to attack.

CWE-695: Use of Low-Level Functionality

Overview

Common consequences

How it happens

When it is introduced

How to detect it

Automated Static Analysis

Code examples

Attack patterns

Frequently asked questions

What is CWE-695?

How is CWE-695 detected?

What are the consequences of CWE-695?

References

Stay ahead of CWE-695

Overview

Common consequences

How it happens

When it is introduced

How to detect it

Automated Static Analysis

Code examples

Related weaknesses

Parent

Child

Attack patterns

Frequently asked questions

What is CWE-695?

How is CWE-695 detected?

What are the consequences of CWE-695?

References

Stay ahead of CWE-695