CWE-494 - Download of Code Without Integrity Check


The weakness consists in downloading of source or executable code without checking its origin and integrity. Lack of verifying allows attackers to deceive the system by execution or changing a malicious code. Using of untrusted code allows offenders to execute attacker-controlled commands, read or modify potentially sensitive information or worsen software functioning for legitimate users.
The weakness is introduced during Architecture and Design, Implementation stages.

Latest vulnerabilities for CWE-494


Description of CWE-494 on Mitre website