CWE-1329 6 件の CVE MITRE の定義 ↗

CWE-1329: Reliance on Component That is Not Updateable

概要

CWE-1329(Reliance on Component That is Not Updateable)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。

セキュリティへの影響
セキュリティ影響:製品や文脈に依存します。CVE 記録、深刻度、MITRE の説明を参照して優先度を判断してください。

説明

The product contains a component that cannot be updated or patched in order to remove vulnerabilities or significant bugs.

適用プラットフォーム

種別 名称 クラス 普遍性 OS / CPE
language Not Language-Specific Undetermined
operating_system Not OS-Specific Undetermined
architecture Not Architecture-Specific Undetermined
technology Not Technology-Specific Undetermined
technology ICS/OT Undetermined

このデータベースの関連 CVE

これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。

CVE 公開 概要
CVE-2026-48576 2026-06-09 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-48573 2026-06-09 Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-41097 2026-05-12 Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
CVE-2026-21265 2026-01-13 Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them …
CVE-2022-34381 2024-02-02 Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. An unauthenticated remote at…
CVE-2021-38398 2021-10-04 The affected device uses off-the-shelf software components that contain unpatched vulnerabilities. A malicious attacker with physical access to the affected device could exploit these vulnerabilities.…

コンテンツ投稿

名称
CWE Content Team
組織
MITRE
日付
2020-12-03
バージョン
4.3

コンテンツの変更履歴

日付 名称 バージョン 重要度 コメント
2021-07-20 CWE Content Team 4.5 updated Demonstrative_Examples, Description, References
2022-04-28 CWE Content Team 4.7 updated Common_Consequences, Description, Detection_Factors, Maintenance_Notes, Modes_of_Introduction, Observed_Examples, Potential_Mitigations, References, Relationships, Time_of_Introduction, Weakness_Ordinalities
2023-01-31 CWE Content Team 4.10 updated Applicable_Platforms, Relationships
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2024-02-29 CWE Content Team 4.14 updated Demonstrative_Examples, References
2025-04-03 CWE Content Team 4.17 updated Relationships
2025-12-11 CWE Content Team 4.19 updated Relationships
2026-04-30 CWE Content Team 4.20 updated Observed_Examples

貢献

タイプ 名称 日付 コメント
Content Chen Chen, Rahul Kande, Jeyavijayan Rajendran 2023-06-21 suggested demonstrative example
Content Shaza Zeitouni, Mohamadreza Rostami, Ahmad-Reza Sadeghi 2023-06-21 suggested demonstrative example
cvelogic Threat Intelligence