CWE-1037 - Processor Optimization Removal or Modification of Security-critical Code
- 摘要:Base
- 结构:Simple
- 状态:Incomplete
- 发布日期:2018-03-29
- 更新日期:2023-06-29
名称
Processor Optimization Removal or Modification of Security-critical Code
描述
The developer builds a security-critical protection mechanism into the software, but the processor optimizes the execution of the program such that the mechanism is removed or modified.
常见后果
范围:Integrity
影响:Bypass Protection Mechanism
注释:A successful exploitation of this weakness will change the order of an application's execution and will likely be used to bypass specific protection mechanisms. This bypass can be exploited further to potentially read data that should otherwise be unaccessible.