NIST 800-53 r5 · Controls catalogue · Family SR
SR-9Tamper Resistance and Detection
Implement a tamper protection program for the system, system component, or system service.
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (0)
- No ATT&CK techniques mapped to this control yet.
Weaknesses this control addresses (7)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-284 | Improper Access Control | 4,832 | Tamper protection directly detects and resists unauthorized modifications that improper access control would otherwise permit. |
CWE-732 | Incorrect Permission Assignment for Critical Resource | 1,824 | Provides detection and resistance layers that reduce exploitability of incorrect critical-resource permissions. |
CWE-345 | Insufficient Verification of Data Authenticity | 643 | The control implements verification mechanisms that detect tampering by ensuring data authenticity. |
CWE-494 | Download of Code Without Integrity Check | 242 | Mandates integrity verification on system components, closing the gap that allows download without checks. |
CWE-354 | Improper Validation of Integrity Check Value | 184 | Requires proper validation of integrity mechanisms, directly mitigating flawed check-value handling. |
CWE-506 | Embedded Malicious Code | 80 | Tamper detection mechanisms can identify embedded malicious code inserted via supply-chain or runtime tampering. |
CWE-353 | Missing Support for Integrity Check | 37 | Tamper protection programs explicitly add integrity checks where support was previously missing. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
| No CVEs annotated to this control yet — the per-CVE backfill is in progress. | ||||