NIST 800-53 r5 · Controls catalogue · Family SR

SR-10Inspection of Systems or Components

Inspect the following systems or system components {{ insert: param, sr-10_odp.02 }} to detect tampering: {{ insert: param, sr-10_odp.01 }}.

Last updated: 09 May 2026 03:25 UTC

Implementations targeting this control (0)

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE	Name	CVEs	Why this control addresses it
`CWE-829`	Inclusion of Functionality from Untrusted Control Sphere	254	Inspection can detect malicious functionality that was included from an untrusted sphere through tampering or supply-chain attack.
`CWE-494`	Download of Code Without Integrity Check	242	Post-download inspection serves as a compensating control that detects code tampering when integrity checks were not performed at acquisition time.
`CWE-506`	Embedded Malicious Code	80	Direct inspection of components can detect embedded malicious code inserted through supply-chain or runtime tampering.
`CWE-912`	Hidden Functionality	79	Inspection can reveal hidden functionality that an attacker has introduced via tampering or unauthorized modification.
`CWE-1191`	On-Chip Debug and Test Interface With Improper Access Control	20	Inspection of on-chip debug/test interfaces can identify tampering or unauthorized access that those interfaces enable.
`CWE-1242`	Inclusion of Undocumented Features or Chicken Bits	14	Inspection can uncover undocumented features or chicken bits that result from tampering or malicious insertion.
`CWE-1263`	Improper Physical Access Control	13	Physical inspection directly detects tampering that occurs when physical access controls are absent or bypassed.

CVE	Risk	CVSS	EPSS	Match
`CVE-2026-43003`	1.6	8.0	0.0004	good