CWE-511

Logic/Time Bomb

Base

Incomplete

Description

The product contains code that is designed to disrupt the legitimate operation of the product (or its environment) when a certain time passes, or when a certain logical condition is met.

When the time bomb or logic bomb is detonated, it may perform a denial of service such as crashing the system, deleting critical data, or degrading system response time. This bomb might be placed within either a replicating or non-replicating Trojan horse.

Parent Weaknesses (ChildOf)

CWE-506: Embedded Malicious Code...

Common Consequences

Scope

Other

Integrity

Impact

Varies by Context, Alter Execution Logic

Potential Mitigations

Installation

Always verify the integrity of the product that is being installed.

Applicable Platforms

Not Language-Specific

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now