Description
The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
Potential Impact
Confidentiality
Read Application Data, Read Files or Directories
Mitigations & Prevention
Protect the core dump files from unauthorized access.
Detection Methods
- Automated Static Analysis High — Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then sea
Real-World CVE Examples
| CVE ID | Description |
|---|---|
| CVE-2024-10403 | SAN firmware OS includes SFTP/FTP server password in a core dump |
Related Weaknesses
Taxonomy Mappings
- CERT C Secure Coding: MEM06-C — Ensure that sensitive data is not written out to disk
Frequently Asked Questions
What is CWE-528?
CWE-528 (Exposure of Core Dump File to an Unauthorized Control Sphere) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Variant-level weakness. The product generates a core dump file in a directory, archive, or other resource that is stored, transferred, or otherwise made accessible to unauthorized actors.
How can CWE-528 be exploited?
Attackers can exploit CWE-528 (Exposure of Core Dump File to an Unauthorized Control Sphere) to read application data, read files or directories. This weakness is typically introduced during the Operation phase of software development.
How do I prevent CWE-528?
Key mitigations include: Protect the core dump files from unauthorized access.
What is the severity of CWE-528?
CWE-528 is classified as a Variant-level weakness (Low-Medium abstraction). It has been observed in 1 real-world CVEs.