Cyber Posture

NIST 800-53 r5 · Controls catalogue · Family SA

SA-18Tamper Resistance and Detection

Tamper Resistance and Detection

Last updated: 09 May 2026 03:25 UTC

Implementations targeting this control (0)

ATT&CK techniques this control mitigates (0)

Weaknesses this control addresses (7)AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE Name CVEs Why this control addresses it
CWE-284Improper Access Control4,832Tamper resistance mechanisms directly enforce access control boundaries to prevent unauthorized modification of hardware, firmware, or software.
CWE-732Incorrect Permission Assignment for Critical Resource1,824Correct and hardened permission assignments on critical resources are a primary means of achieving tamper resistance at the system level.
CWE-693Protection Mechanism Failure476The control explicitly requires implementation and verification of protection mechanisms that would otherwise fail and allow tampering.
CWE-494Download of Code Without Integrity Check242Tamper resistance and detection commonly include integrity verification of code and firmware obtained from external sources.
CWE-354Improper Validation of Integrity Check Value184Proper validation of integrity check values is required for reliable tamper detection, directly reducing undetected modification risks.
CWE-653Improper Isolation or Compartmentalization52Isolation and compartmentalization techniques are core to tamper resistance, limiting an attacker's ability to reach or alter protected components.
CWE-353Missing Support for Integrity Check37Tamper detection fundamentally depends on integrity-checking capabilities that this control mandates or strengthens.

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
CVE-2025-149631.67.80.0003good

Other controls in family SA

SA-1 SA-10 SA-11 SA-12 SA-13 SA-14 SA-15 SA-16 SA-17 SA-19 SA-2 SA-20 SA-21 SA-22 SA-23 SA-24 SA-3 SA-4 SA-5 SA-6 SA-7 SA-8 SA-9