V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
← Back to List
CWE-412BaseIncomplete
Abstraction: Base
Status: Incomplete
Source ↗

Unrestricted Externally Accessible Lock

The product properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.

Open in catalog with CWE filter →

Related CAPECs

CAPEC-25
Forced Deadlock

Related vulnerabilities

CVE-2019-18269 Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability.
CVE-2023-22318Denial of service in Webconf in Tribe29 Checkmk Appliance before 1.6.5.
CVE-2026-25612The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks.
CVE-2019-11485Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.