Cyber Resilience

CWE · MITRE source

CWE-378Creation of Temporary File With Insecure Permissions

Abstraction: Base · CVEs in our corpus: 45

Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack.

Last updated: 04 July 2026 13:15 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: partial · 3 mapping(s) from 1 framework(s): ATT&CK 3 (partial)

See the full cumulative-coverage rollup →

NIST 800-53 r5 controls that address this weakness (0)AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

CVE Risk CVSS EPSS Published
CVE-2024-398727.09.60.00472024-07-09
CVE-2016-94855.57.80.01232018-07-13
CVE-2020-272165.57.00.04302020-10-23
CVE-2021-294285.58.80.00532021-04-13
CVE-2021-253145.57.80.00382021-04-14
CVE-2021-14265.57.00.00252021-05-06
CVE-2021-14275.57.00.00252021-05-06
CVE-2021-14285.57.00.00252021-05-06
CVE-2021-14295.57.00.00252021-05-06
CVE-2021-14305.57.00.00232021-05-06
CVE-2021-14965.57.00.00532021-05-06
CVE-2022-244115.57.80.00232022-04-12
CVE-2024-420525.57.80.00212024-07-28
CVE-2024-73585.57.80.00232024-08-01
CVE-2025-271485.58.80.00232025-02-25
CVE-2025-324385.58.80.00152025-04-15
CVE-2025-38747 UPD5.57.80.00132025-08-06
CVE-2025-4953 UPD5.57.40.00602025-09-16
CVE-2025-76475.57.30.00132025-09-27
CVE-2025-466855.57.50.00092026-01-13
CVE-2026-48225.57.00.00162026-03-25
CVE-2026-335725.58.40.00122026-03-29
CVE-2026-4137 UPD5.57.80.00192026-05-18
CVE-2021-212903.56.20.01782021-02-08
CVE-2021-213633.55.30.00412021-03-11