CWE-653
Improper Isolation or Compartmentalization
Abstraction level: Class
What it is
The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.
If a weakness exists in functionality reachable by lower-privileged users and no strong boundary separates that functionality from more privileged parts of the product, an attack on it can extend its damage to higher-privileged users or resources.
Impact
| Scope | Impact |
| --- | --- |
| Access Control | Gain Privileges or Assume Identity; Bypass Protection Mechanism |
Mitigations
- [Architecture and Design] Break up privileges between different modules, objects, or entities. Minimize the interfaces between modules and require strong access control between them.
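The following is an added example, not code from MITRE or the CWE page, showing what the mitigation buys you. It constructs a small SQLite database with a table that a lower-privileged reporting feature may read and a table that belongs to the privileged administration module, then runs the same deliberately flawed query (the owner value is spliced into the SQL text) in two designs: a monolithic one where the reporting code shares the administrator's fully-privileged handle, and a compartmentalized one where the reporting module gets its own handle confined by an SQLite authorizer to SELECTs on its own table. The table names, rows, payload and function names are all constructed for the demonstration.

```python
"""Added example (not from CWE or MITRE): the same flawed query in a
lower-privilege module, once in a monolithic design that shares one
fully-privileged database handle, once behind a compartment boundary."""
import os
import sqlite3
import tempfile

# Constructed data: 'reports' is what the public reporting feature may read,
# 'admin_users' belongs to the privileged administration module only.
SCHEMA = """
CREATE TABLE reports(id INTEGER PRIMARY KEY, title TEXT, owner TEXT);
CREATE TABLE admin_users(id INTEGER PRIMARY KEY, name TEXT, password_hash TEXT);
INSERT INTO reports VALUES (1, 'Q1 summary', 'alice'), (2, 'Q2 summary', 'bob');
INSERT INTO admin_users VALUES (1, 'root', 'constructed-hash-value');
"""

# Constructed payload that turns the reports lookup into a read of admin_users.
INJECTED_OWNER = "alice' UNION SELECT password_hash FROM admin_users --"


def report_titles(conn, owner):
    """Lower-privilege functionality with a deliberate defect: the owner value
    is spliced into the SQL text, so a caller controls the whole statement."""
    sql = f"SELECT title FROM reports WHERE owner = '{owner}'"
    return [row[0] for row in conn.execute(sql)]


def _reporting_authorizer(action, arg1, arg2, dbname, source):
    """Compartment policy for the reporting module's connection: it may run
    SELECT statements and read columns of 'reports'; everything else is denied,
    including reads of any other table and all schema or data changes."""
    if action == sqlite3.SQLITE_SELECT:
        return sqlite3.SQLITE_OK
    if action == sqlite3.SQLITE_READ and arg1 == "reports":
        return sqlite3.SQLITE_OK
    return sqlite3.SQLITE_DENY


def open_reporting_connection(path):
    """Give the reporting module its own handle, confined by the authorizer,
    instead of a reference to the administrator's fully-privileged handle."""
    conn = sqlite3.connect(path)
    conn.set_authorizer(_reporting_authorizer)
    return conn


def run_demo():
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "demo.db")
    admin_conn = sqlite3.connect(path)  # the privileged module's handle
    admin_conn.executescript(SCHEMA)
    results = {}
    try:
        # Monolithic design: reporting code shares the privileged handle, so the
        # defect in low-privilege functionality reaches high-privilege data.
        leaked = report_titles(admin_conn, INJECTED_OWNER)
        results["monolithic_leaks_admin_hash"] = "constructed-hash-value" in leaked

        # Compartmentalized design: same defect, same payload, but this handle
        # cannot read admin_users, so the damage stays inside the module's scope.
        report_conn = open_reporting_connection(path)
        results["compartment_legit_query"] = report_titles(report_conn, "alice")
        try:
            report_titles(report_conn, INJECTED_OWNER)
            results["compartment_blocks_admin_read"] = False
        except sqlite3.DatabaseError:
            results["compartment_blocks_admin_read"] = True
        # The boundary also stops the module from escalating by changing data.
        try:
            report_conn.execute("UPDATE admin_users SET password_hash = 'x'")
            results["compartment_blocks_write"] = False
        except sqlite3.DatabaseError:
            results["compartment_blocks_write"] = True
        report_conn.close()
    finally:
        admin_conn.close()
        os.remove(path)
        os.rmdir(workdir)
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The defect in `report_titles` is identical in both runs; only the boundary differs. That is the point of the mitigation: the authorizer is the narrow, enforced interface between the lower-privileged module and the shared resource, so a bug in the module cannot widen its own scope. In a real system the same role is played by separate OS users or processes, separate database roles, or a broker that exposes only the operations the module needs.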
Real-world CVE examples
- CVE-2021-33096 — Improper isolation of shared resource in a network-on-chip leads to denial of service
- CVE-2019-6260 — Baseboard Management Controller (BMC) device implements Advanced High-performance Bus (AHB) bridges that do not require authentication for arbitrary read and write
Source: MITRE CWE. View on cwe.mitre.org →