ICS Operations (& Maintenance): Emerging Energy Technologies

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to the "Emerging Energy Technologies" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022. Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.

Weaknesses

Improper Authorization

The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Improper Certificate Validation

The software does not validate, or incorrectly validates, a certificate.

Improper Following of a Certificate's Chain of Trust

The software does not follow, or incorrectly follows, the chain of trust for a certificate back to a trusted root certificate, resulting in incorrect trust of any reso...

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process th...

Insufficient Control of Network Message Volume (Network Amplification)

The software does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the software to transmit more traffic than should ...

Origin Validation Error

The software does not properly verify that the source of data or communication is valid.

URL Redirection to Untrusted Site ('Open Redirect')

A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

Concepts

Weaknesses in SEI ETF Categories of Security Vulnerabilities in ICS

CWE entries in this view (graph) are associated with the Categories of Security Vulnerabilities in ICS, as published by the Securing Energy Infrastructure Executive Ta...

See Also

  1. Categories of Security Vulnerabilities in ICS

    Securing Energy Infrastructure Executive Task Force (SEI ETF)


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.