CWE-733

Compiler Optimization Removal or Modification of Security-critical Code

Base

Incomplete

Description

The developer builds a security-critical protection mechanism into the software, but the compiler optimizes the program such that the mechanism is removed or modified.

Parent Weaknesses (ChildOf)

CWE-1038: Insecure Automated Optimizatio...

Common Consequences

Scope

Access Control

Other

Impact

Bypass Protection Mechanism, Alter Execution Logic

CVE-2008-1685

C compiler optimization, as allowed by specifications, removes code that is used to perform checks to detect integer overflows.

CVE-2019-1010006

Chain: compiler optimization (CWE-733) removes or modifies code used to detect integer overflow (CWE-190), allowing out-of-bounds write (CWE-787).

Applicable Platforms

C++

Compiled

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CWE-733

Compiler Optimization Removal or Modification of Security-critical Code

Description

Relationships

Common Consequences

Related CVEs

Applicable Platforms