Cyber Posture

CWE · MITRE source

CWE-924Improper Enforcement of Message Integrity During Transmission in a Communication Channel

Abstraction: Base · CVEs in our corpus: 30

The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.

Attackers might be able to modify the message and spoof the endpoint by interfering with the data as it crosses the network or by redirecting the connection to a system under their control.

Last updated: 09 May 2026 03:25 UTC

NIST 800-53 r5 controls that address this weakness (1)AI

Control Title Family Why it addresses this CWE
SC-8Transmission Confidentiality and IntegritySCThe control directly mandates integrity protection for transmitted information, addressing failures to enforce message integrity in transit.

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2024-35962.99.00.19022024-07-09
CVE-2025-296281.99.40.00032025-07-25
CVE-2020-58691.89.10.00292020-04-24
CVE-2024-447301.89.10.00092024-10-11
CVE-2025-05921.88.80.00102025-02-14
CVE-2021-347931.78.60.00082021-10-27
CVE-2018-72951.68.10.00182018-05-23
CVE-2021-410341.68.10.00202021-09-29
CVE-2023-28851.68.10.00102023-05-25
CVE-2023-64081.68.10.00152024-02-14
CVE-2020-116391.67.80.00142024-07-23
CVE-2024-434501.67.50.01202024-11-12
CVE-2022-31661.57.50.00152022-12-16
CVE-2023-499331.57.50.00102023-12-14
CVE-2024-89331.57.50.00092024-11-13
CVE-2018-145261.46.50.01082018-08-08
CVE-2024-123991.47.10.00202025-01-17
CVE-2019-208441.36.50.00132020-06-19
CVE-2021-213901.36.50.00392021-03-19
CVE-2023-223721.25.90.00282023-05-03
CVE-2023-33471.25.90.00422023-07-20
CVE-2015-08971.25.90.00112023-10-31
CVE-2015-29681.25.90.00112023-10-31
CVE-2023-432971.15.40.00222023-10-02
CVE-2024-392291.15.30.00092024-08-06