CWE-1037 5 CVEs MITRE definition ↗

CWE-1037: Processor Optimization Removal or Modification of Security-critical Code

Overview

CWE-1037 (Processor Optimization Removal or Modification of Security-critical Code) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

The developer builds a security-critical protection mechanism into the software, but the processor optimizes the execution of the program such that the mechanism is removed or modified.

Applicable platforms

Kind Name Class Prevalence OS / CPE
language Not Language-Specific Rarely
technology Processor Hardware Undetermined

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE Published Summary
CVE-2025-48810 2025-07-08 Processor optimization removal or modification of security-critical code in Windows Secure Kernel Mode allows an authorized attacker to disclose information locally.
CVE-2025-48809 2025-07-08 Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2025-26636 2025-07-08 Processor optimization removal or modification of security-critical code in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2024-45335 2024-10-22 Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection…
CVE-2024-37985 2024-09-17 Windows Kernel Information Disclosure Vulnerability

Content submission

Name
CWE Content Team
Organization
MITRE
Date
2018-03-07
Version
3.1

Content modifications

Date Name Version Importance Comment
2020-02-24 CWE Content Team 4.0 updated Relationships
2020-06-25 CWE Content Team 4.1 updated Relationships
2021-03-15 CWE Content Team 4.4 updated Related_Attack_Patterns
2022-10-13 CWE Content Team 4.9 updated Applicable_Platforms, Maintenance_Notes
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
cvelogic Threat Intelligence