CWE-1366(ICS Communications: Frail Security in Protocols)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
Weaknesses in this category are related to the "Frail Security in Protocols" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022: "Vulnerabilities arise as a result of mis-implementation or incomplete implementation of security in ICS implementations of communication protocols." Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2026-22535 | 2026-01-07 | An attacker with the ability to interact through the network and with access credentials, could, thanks to the unsecured (unencrypted) MQTT communications protocol, write on the server topics of the b… |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Description, Maintenance_Notes, Relationship_Notes |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Mapping_Notes, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes, Relationships |
| 2025-09-09 | CWE Content Team | 4.18 | — | updated References |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Maintenance_Notes |
| タイプ | 名称 | 日付 | コメント |
|---|---|---|---|
| Content | "Boosting CWE Content" Sub-Working Group | 2023-04-26 | Suggested weaknesses to add to this category. |
| Content | "Boosting CWE Content" Sub-Working Group | 2023-06-29 | Suggested weaknesses to add to this category. |