VYPR

CWE-114

Process Control

ClassIncomplete

Description

Executing commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.

Process control vulnerabilities take two forms:

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-108 · CAPEC-640

CVEs mapped to this weakness (1)

  • CVE-2024-44168MedSep 17, 2024
    risk 0.36cvss 5.5epss 0.00

    A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to modify protected parts of the file system.