CWE · MITRE source
CWE-321Use of Hard-coded Cryptographic Key
The product uses a hard-coded, unchangeable cryptographic key.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (5)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
SA-12 | Supply Chain Protection | SA | Supply chain protection includes scrutiny of cryptographic implementations, reducing hard-coded keys planted by untrusted vendors. |
SA-4 | Acquisition Process | SA | Functional and assurance requirements specified in acquisition can prohibit hard-coded cryptographic keys in delivered products. |
SC-12 | Cryptographic Key Establishment and Management | SC | Proper key establishment and management processes directly preclude embedding static cryptographic keys in source code or binaries. |
SC-17 | Public Key Infrastructure Certificates | SC | Approved PKI issuance and trust stores replace ad-hoc or hard-coded keys with properly managed, signed certificates. |
SR-6 | Supplier Assessments and Reviews | SR | Assessments can uncover and prevent suppliers from shipping components that contain hard-coded cryptographic keys. |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2016-4437 KEV | 9.6 | 9.8 | 0.9421 | 2016-06-07 |
CVE-2025-30406 KEV | 8.8 | 9.0 | 0.8340 | 2025-04-03 |
CVE-2023-32077 | 6.7 | 7.5 | 0.8656 | 2023-08-24 |
CVE-2023-27584 | 5.9 | 9.8 | 0.6618 | 2024-09-19 |
CVE-2025-13316 | 5.9 | 8.1 | 0.7168 | 2025-11-19 |
CVE-2020-10884 | 2.9 | 8.8 | 0.1907 | 2020-03-25 |
CVE-2021-40119 | 2.4 | 9.8 | 0.0764 | 2021-11-04 |
CVE-2020-1764 | 2.1 | 8.6 | 0.0605 | 2020-03-26 |
CVE-2024-2413 | 2.1 | 9.8 | 0.0290 | 2024-03-13 |
CVE-2023-32169 | 2.1 | 9.8 | 0.0274 | 2024-05-03 |
CVE-2024-30207 | 2.1 | 10.0 | 0.0190 | 2024-05-14 |
CVE-2025-57174 | 2.1 | 9.8 | 0.0151 | 2025-09-15 |
CVE-2017-14021 | 2.0 | 9.8 | 0.0008 | 2017-11-01 |
CVE-2016-9335 | 2.0 | 10.0 | 0.0022 | 2018-05-09 |
CVE-2018-0040 | 2.0 | 9.8 | 0.0016 | 2018-07-11 |
CVE-2019-19750 | 2.0 | 9.8 | 0.0035 | 2019-12-12 |
CVE-2020-6990 | 2.0 | 9.8 | 0.0015 | 2020-03-16 |
CVE-2020-2500 | 2.0 | 9.8 | 0.0026 | 2020-07-01 |
CVE-2021-27389 | 2.0 | 9.8 | 0.0041 | 2021-04-22 |
CVE-2021-32520 | 2.0 | 9.8 | 0.0021 | 2021-07-07 |
CVE-2022-22987 | 2.0 | 9.8 | 0.0020 | 2022-02-04 |
CVE-2022-0664 | 2.0 | 9.8 | 0.0031 | 2022-02-18 |
CVE-2022-2641 | 2.0 | 9.8 | 0.0030 | 2022-12-02 |
CVE-2022-2660 | 2.0 | 9.8 | 0.0023 | 2022-12-13 |
CVE-2023-27583 | 2.0 | 9.8 | 0.0048 | 2023-03-13 |