CWE-693 (Protection Mechanism Failure) — Vulnerability Class 225

225 vulnerabilities classified as CWE-693 (Protection Mechanism Failure). AI Chinese analysis included.

CWE-693 represents a critical vulnerability where software fails to implement or correctly utilize necessary security controls, leaving systems exposed to directed attacks. This weakness manifests in two primary forms: missing mechanisms, where no defense exists for a specific threat vector, and insufficient mechanisms, where existing safeguards are inadequate or improperly configured. Attackers typically exploit these gaps by bypassing authentication, escalating privileges, or accessing sensitive data that should have been restricted. To mitigate this risk, developers must conduct rigorous threat modeling to identify all potential attack surfaces and ensure comprehensive security controls are in place. Regular code reviews and automated security testing help verify that protection mechanisms function as intended. By adopting a defense-in-depth strategy and validating that every security feature is both present and robust, organizations can significantly reduce the likelihood of exploitation and maintain the integrity of their applications.

MITRE CWE Description
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product. This weakness covers three distinct situations. A "missing" protection mechanism occurs when the application does not define any mechanism against a certain class of attack. An "insufficient" protection mechanism might provide some defenses - for example, against the most common attacks - but it does not protect against everything that is intended. Finally, an "ignored" mechanism occurs when a mechanism is available and in active use within the product, but the developer has not applied it in some code path.
Common Consequences (1)
Scope: Access Control. Impact: Bypass Protection Mechanism.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15422 | EmpireSoft EmpireCMS IP Address connect.php egetip protection mechanism — EmpireCMS | 5.3 | Medium | 2026-01-02 |
| CVE-2025-68668 | n8n Vulnerable to Arbitrary Command Execution in Pyodide based Python Code Node — n8n | 9.9 | Critical | 2025-12-26 |
| CVE-2025-13326 | Mattermost Desktop App fails to enable Hardened Runtime when packaged for Mac App Store — Mattermost | 3.9 | Low | 2025-12-17 |
| CVE-2025-14304 | ASRock, ASRockRack, ASRockInd\|Motherboard - Protection Mechanism Failure — Intel 500 chipset motherboard | 6.8 | Medium | 2025-12-17 |
| CVE-2025-14303 | MSI\|Motherboard - Protection Mechanism Failure — Intel 600 chipset motherboard | 6.8 | Medium | 2025-12-17 |
| CVE-2025-14302 | GIGABYTE\|Motherboard - Protection Mechanism Failure — intel 600 chipset Motherboard | 6.8 | Medium | 2025-12-17 |
| CVE-2025-67460 | Zoom Rooms for Windows - Software Downgrade Protection Mechanism Failure — Zoom Rooms | 7.8 | High | 2025-12-10 |
| CVE-2025-67485 | HTTP/HTTPS Traffic Interception Bypass in mad-proxy — mad-proxy | 5.3 | Medium | 2025-12-10 |
| CVE-2025-34413 | Legality WHISTLEBLOWING Missing Critical HTTP Security Headers — Legality WHISTLEBLOWING | 5.4 (AI) | Medium (AI) | 2025-12-09 |
| CVE-2025-66479 | Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing — sandbox-runtime | 5.3 (AI) | Medium (AI) | 2025-12-04 |
| CVE-2025-64763 | Envoy forwards early CONNECT data in TCP proxy mode — envoy | 3.7 | Low | 2025-12-03 |
| CVE-2025-29864 | Estsoft Alzip security vulnerability — ALZip | 6.2 (AI) | Medium (AI) | 2025-12-03 |
| CVE-2025-65100 | Security Snapshot May Use Unintended Timestamp When Only ISAR_APT_SNAPSHOT_DATE Is Set — isar | 9.1 (AI) | Critical (AI) | 2025-11-19 |
| CVE-2025-11260 | WP Headless CMS Framework <= 1.15 - Unauthenticated Protection Mechanism Bypass — WP Headless CMS Framework | 5.3 | Medium | 2025-11-13 |
| CVE-2025-10905 | Collision in minifilter driver of Avast Free Antivirus results in disabling of real-time protection — Free Antivirus | 4.4 | Medium | 2025-11-11 |
| CVE-2025-60711 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability — Microsoft Edge (Chromium-based) | 6.3 | Medium | 2025-10-31 |
| CVE-2025-12554 | Missing Security Headers — BLU-IC2 | - | - | 2025-10-31 |
| CVE-2025-12094 | OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) <= 1.2.53 - Unauthenticated IP Header Spoofing — OOPSpam Anti-Spam: Spam Protection for WordPress Forms & Comments (No CAPTCHA) | 5.3 | Medium | 2025-10-31 |
| CVE-2025-0277 | HCL BigFix Mobile is affected by an insecure Content Security Policy (CSP) — BigFix Mobile | 6.5 | Medium | 2025-10-16 |
| CVE-2025-0276 | HCL BigFix Modern Client Management (MCM) is affected by an insecure Content Security Policy (CSP) — BigFix Modern Client Management | 6.5 | Medium | 2025-10-16 |
| CVE-2025-52615 | HCL Unica Platform is impacted by misconfigured security related HTTP headers — Unica Platform | 3.5 | Low | 2025-10-12 |
| CVE-2025-10157 | PickleScan Bypasses Unsafe Globals Check Using Submodule Imports — picklescan | 9.8 (AI) | Critical (AI) | 2025-09-17 |
| CVE-2025-54917 | MapUrlToZone Security Feature Bypass Vulnerability — Windows 10 Version 1507 | 4.3 | Medium | 2025-09-09 |
| CVE-2025-20347 | Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability — Cisco Data Center Network Manager | 5.4 | Medium | 2025-08-27 |
| CVE-2025-43728 | Dell ThinOS 10 security vulnerability — ThinOS 10 | 9.6 | Critical | 2025-08-27 |
| CVE-2025-3770 | SMM IDT Privilege Escalation Vulnerability — EDK2 | 7.0 | High | 2025-08-07 |
| CVE-2025-8656 | Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability — DMX958XR | 4.6 (AI) | Medium (AI) | 2025-08-06 |
| CVE-2025-52951 | Junos OS: IPv6 firewall filter fails to match payload-protocol — Junos OS | 5.8 | Medium | 2025-07-11 |
| CVE-2025-46358 | Emerson ValveLink Products Protection Mechanism Failure — ValveLink SOLO | 7.7 | High | 2025-07-10 |
| CVE-2025-49740 | Windows SmartScreen Security Feature Bypass Vulnerability — Windows 10 Version 1507 | 8.8 | High | 2025-07-08 |

225 CVEs are classified as CWE-693 (Protection Mechanism Failure). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.