CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel

The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

Attackers might be able to modify the message and spoof the endpoint by interfering with the data as it crosses the network or by redirecting the connection to a system under their control.

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Frequently asked questions

What is CWE-924?

What CVEs are caused by CWE-924?

What are the consequences of CWE-924?

Is CWE-924 actively exploited?

References

Stay ahead of CWE-924

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Related weaknesses

Parent

Frequently asked questions

What is CWE-924?

What CVEs are caused by CWE-924?

What are the consequences of CWE-924?

Is CWE-924 actively exploited?

References

Stay ahead of CWE-924