Cloud Defense Logo

Products

Solutions

Company

CWE-1376: Security Gaps in Commissioning

Discover vulnerabilities in system commissioning that create temporary windows for attackers using the SEI ETF report. Explore recommendations for mitigation and future developments.

Summary

The weaknesses in this particular category are associated with the section called "Security Gaps in Commissioning" in the SEI ETF's "Categories of Security Vulnerabilities in ICS" report published in March 2022. According to the report, when a large system is being brought online, there is a possibility that certain components of the system may remain vulnerable until the entire system is fully operational and security controls are implemented. This can create a temporary opportunity for an attacker during the commissioning process. It is worth mentioning that the recommendations included in this category, such as the "Nearest IT Neighbor" suggestions from the report, have been provided by both the report's authors and the CWE team. It should be noted that these associations may change in future versions of the CWE.

Is your System Free of Underlying Vulnerabilities?
Find Out Now