CWE-506 - Embedded Malicious Code
CWE-506
- Abstraction:
- Class
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Embedded Malicious Code
- Description
The product contains code that appears to be malicious in nature.
Malicious flaws have acquired colorful names, including Trojan horse, trapdoor, timebomb, and logic-bomb. A developer might insert malicious code with the intent to subvert the security of a product or its host system at some time in the future. It generally refers to a program that performs a useful service but exploits rights of the program's user in a way the user does not intend.
- Common Consequences
Scope: Confidentiality, Integrity, Availability
Impact: Execute Unauthorized Code or Commands
- Related Weaknesses
- Release Date:
- 2006-07-19
- Latest Modification Date:
- 2024-07-16
Free security scan for your website