CWE • Class • Draft • 14 recent CVEs
CWE-653: Improper Isolation or Compartmentalization
Description
The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.
When a weakness occurs in functionality that is accessible by lower-privileged users, then without strong boundaries, an attack might extend the scope of the damage to higher-privileged users.
Common consequences
- Access Control → Gain Privileges or Assume Identity, Bypass Protection Mechanism: The exploitation of a weakness in low-privileged areas of the software can be leveraged to reach higher-privileged areas without having to overcome any additional obstacles.
Potential mitigations
- Architecture and Design: Break up privileges between different modules, objects, or entities. Minimize the interfaces between modules and require strong access control between them.
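The mitigation above, sketched as an added example that is not part of the CWE entry: untrusted input is handled in a separate worker process that inherits no secrets, and the privileged broker accepts only an allow-listed set of requests from it. The worker script, `API_KEY`, and the operation names are hypothetical, and the example assumes that a real deployment would also run the worker under its own account or sandbox, since a process boundary alone is only one layer.

```python
import json
import os
import subprocess
import sys

# Constructed secret held only by the privileged (parent) side.
os.environ["API_KEY"] = "constructed-secret"

# Hypothetical low-privilege worker: it handles untrusted input in its own
# process and can only emit a one-line JSON request back to the broker.
WORKER = r'''
import json, os, sys
requested = sys.stdin.read().strip()
print(json.dumps({"op": requested, "sees_secret": "API_KEY" in os.environ}))
'''

ALLOWED_OPS = {"thumbnail", "word_count"}      # the whole interface (hypothetical)
SAFE_ENV = ("PATH", "LD_LIBRARY_PATH", "SYSTEMROOT")  # allow-list, not a deny-list


def run_compartment(untrusted: str) -> dict:
    """Run the worker without inherited secrets, then gate what it asks for."""
    env = {k: os.environ[k] for k in SAFE_ENV if k in os.environ}
    proc = subprocess.run(
        [sys.executable, "-I", "-c", WORKER],
        input=untrusted, capture_output=True, text=True, env=env, timeout=30,
    )
    try:
        req = json.loads(proc.stdout)
    except json.JSONDecodeError:
        req = None
    if not isinstance(req, dict):
        return {"granted": False, "reason": "malformed request"}
    result = {"sees_secret": req.get("sees_secret")}
    op = req.get("op")
    # The broker, not the worker, decides: anything outside the interface is refused.
    if not isinstance(op, str) or op not in ALLOWED_OPS:
        return {**result, "granted": False, "reason": "operation not in interface"}
    return {**result, "granted": True, "op": op}


if __name__ == "__main__":
    for request in ("word_count", "read_api_key"):
        print(request, "->", run_compartment(request))
```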
Related CWEs
Recent CVEs classified under this CWE
- CVE-2026-41155 • 5.5 • 2026-06-12
- CVE-2026-42782 • 7.2 • 2026-05-25
- CVE-2026-26956 • 9.8 • 2026-05-04
- CVE-2026-26332 • 9.8 • 2026-05-04
- CVE-2026-24781 • 9.8 • 2026-05-04
- CVE-2026-41174 • 6.4 • 2026-04-30
- CVE-2026-40968 • 4.2 • 2026-04-28
- CVE-2026-5600 • 4.3 • 2026-04-08
- CVE-2026-5599 • 2026-04-05
- CVE-2026-34775 • 6.8 • 2026-04-04
- CVE-2026-4282 • 7.4 • 2026-04-02
- CVE-2025-12805 • 8.1 • 2026-03-26
- CVE-2026-4692 • 10.0 • 2026-03-24
- CVE-2025-4083 • 9.1 • 2025-04-29