CWE-345

Insufficient Verification of Data Authenticity

Class

Draft

The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

Parent Weaknesses (ChildOf)

Scope

Integrity

Other

Impact

Varies by Context, Unexpected State

Distributed Control System (DCS) does not sign firmware images and only relies on insecure checksums for integrity checks

Distributed Control System (DCS) does not sign firmware images and only relies on insecure checksums for integrity checks

Remote Terminal Unit (RTU) does not use signatures for firmware images and relies on insecure checksums

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.