NIST 800-53 r5 · Controls catalogue · Family CP
CP-12Safe Mode
When {{ insert: param, cp-12_odp.02 }} are detected, enter a safe mode of operation with {{ insert: param, cp-12_odp.01 }}.
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (0)
- No ATT&CK techniques mapped to this control yet.
Weaknesses this control addresses (4)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-754 | Improper Check for Unusual or Exceptional Conditions | 697 | Implements detection of unusual or exceptional conditions followed by safe mode entry, reducing the window for exploitation of unchecked conditions. |
CWE-755 | Improper Handling of Exceptional Conditions | 662 | Supplies a concrete handling action (safe mode) for exceptional conditions, mitigating risks from improper or absent handling that could allow continued attacks. |
CWE-703 | Improper Check or Handling of Exceptional Conditions | 146 | Provides a defined response to detected conditions by restricting operation, ensuring exceptional conditions are handled rather than ignored or mishandled. |
CWE-636 | Not Failing Securely ('Failing Open') | 27 | Entering safe mode when conditions are detected prevents failing open and continuing normal operation in a potentially exploitable state. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
| No CVEs annotated to this control yet — the per-CVE backfill is in progress. | ||||