Cyber Resilience

NIST 800-53 r5 · Controls catalogue · Family CP

CP-10System Recovery and Reconstitution

Provide for the recovery and reconstitution of the system to a known state within {{ insert: param, cp-10_prm_1 }} after a disruption, compromise, or failure.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: mostly · 4 mapping(s) from 1 framework(s): CSF 2.0 4 (mostly)

See the full cumulative-coverage rollup →

Implementations targeting this control (15)

ATT&CK techniques this control mitigates (12)

Weaknesses this control addresses (7)AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE Name CVEs Why this control addresses it
CWE-284Improper Access Control5,367Recovery to a known state reverts unauthorized changes to access control mechanisms after compromise.
CWE-287Improper Authentication4,908System recovery re-establishes trusted authentication processes following a compromise.
CWE-269Improper Privilege Management3,104Recovery ensures return to a state with correctly assigned and managed privileges.
CWE-732Incorrect Permission Assignment for Critical Resource1,874Reconstitution corrects improper permission assignments on critical resources.
CWE-285Improper Authorization1,356Reconstitution restores proper authorization policies and enforcement that may have been altered.
CWE-506Embedded Malicious Code85Reverting to a known state removes any malicious code embedded by an attacker.
CWE-912Hidden Functionality79Recovery eliminates hidden functionality or backdoors introduced during compromise.

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
CVE-2026-278437.09.10.0052partial
CVE-2024-20290 UPD6.07.50.3356partial
CVE-2025-598955.57.50.0037partial

Other controls in family CP

CP-1 CP-11 CP-12 CP-13 CP-2 CP-3 CP-4 CP-5 CP-6 CP-7 CP-8 CP-9