NIST 800-53 r5 · Controls catalogue · Family CP
CP-10System Recovery and Reconstitution
Provide for the recovery and reconstitution of the system to a known state within {{ insert: param, cp-10_prm_1 }} after a disruption, compromise, or failure.
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (12)
- T1485 Data Destruction Impact
- T1485.001 Lifecycle-Triggered Deletion Impact
- T1486 Data Encrypted for Impact Impact
- T1490 Inhibit System Recovery Impact
- T1491 Defacement Impact
- T1491.001 Internal Defacement Impact
- T1491.002 External Defacement Impact
- T1561 Disk Wipe Impact
- T1561.001 Disk Content Wipe Impact
- T1561.002 Disk Structure Wipe Impact
- T1565 Data Manipulation Impact
- T1565.001 Stored Data Manipulation Impact
Weaknesses this control addresses (7)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-284 | Improper Access Control | 4,832 | Recovery to a known state reverts unauthorized changes to access control mechanisms after compromise. |
CWE-287 | Improper Authentication | 4,730 | System recovery re-establishes trusted authentication processes following a compromise. |
CWE-269 | Improper Privilege Management | 2,907 | Recovery ensures return to a state with correctly assigned and managed privileges. |
CWE-732 | Incorrect Permission Assignment for Critical Resource | 1,824 | Reconstitution corrects improper permission assignments on critical resources. |
CWE-285 | Improper Authorization | 1,230 | Reconstitution restores proper authorization policies and enforcement that may have been altered. |
CWE-506 | Embedded Malicious Code | 80 | Reverting to a known state removes any malicious code embedded by an attacker. |
CWE-912 | Hidden Functionality | 79 | Recovery eliminates hidden functionality or backdoors introduced during compromise. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
CVE-2026-27843 | 1.8 | 9.1 | 0.0008 | partial |