CWE · MITRE source
CWE-428: Unquoted Search Path or Element
The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
If a malicious individual has access to the file system, it is possible to elevate privileges by inserting such a file as "C:\Program.exe" to be run by a privileged program making use of WinExec.
Last updated: 04 July 2026 08:17 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: mostly · 1 mapping(s) from 1 framework(s): ATT&CK 1 (mostly)
NIST 800-53 r5 controls that address this weakness (0)
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | | | |
MITRE ATT&CK techniques this weakness enables
Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.
Direction: ← other covers this; → this covers other (F/M/P = full / mostly / partial).
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
| CVE-2023-38408 | 8.0 | 9.8 | 0.7677 | 2023-07-20 |
| CVE-2019-8459 | 7.0 | 9.8 | 0.0119 | 2019-06-20 |
| CVE-2019-17658 | 7.0 | 9.8 | 0.0218 | 2020-03-12 |
| CVE-2020-9292 | 7.0 | 9.8 | 0.0155 | 2020-06-04 |
| CVE-2022-36344 | 7.0 | 9.8 | 0.0074 | 2022-08-16 |
| CVE-2024-24722 UPD | 7.0 | 9.1 | 0.0061 | 2024-02-19 |
| CVE-2022-50935 | 7.0 | 9.8 | 0.0036 | 2026-01-13 |
| CVE-2020-15261 | 6.0 | 8.0 | 0.1112 | 2020-10-19 |
| CVE-2016-5793 | 5.5 | 8.8 | 0.0038 | 2016-09-24 |
| CVE-2016-6935 | 5.5 | 7.8 | 0.0077 | 2016-10-13 |
| CVE-2016-8225 | 5.5 | 7.8 | 0.0035 | 2017-01-26 |
| CVE-2017-3005 | 5.5 | 7.8 | 0.0090 | 2017-04-12 |
| CVE-2017-7180 | 5.5 | 7.3 | 0.0105 | 2017-06-08 |
| CVE-2017-9247 | 5.5 | 7.8 | 0.0030 | 2017-08-02 |
| CVE-2017-3751 | 5.5 | 7.8 | 0.0037 | 2017-08-10 |
| CVE-2017-9644 | 5.5 | 7.0 | 0.0141 | 2017-08-25 |
| CVE-2017-3757 | 5.5 | 7.8 | 0.0037 | 2017-08-29 |
| CVE-2017-13993 | 5.5 | 7.8 | 0.0176 | 2017-10-05 |
| CVE-2017-12730 | 5.5 | 7.8 | 0.0073 | 2017-10-06 |
| CVE-2017-15383 | 5.5 | 7.8 | 0.0046 | 2017-10-16 |
| CVE-2017-14030 | 5.5 | 7.8 | 0.0037 | 2018-01-12 |
| CVE-2017-1000475 | 5.5 | 7.8 | 0.0063 | 2018-01-24 |
| CVE-2018-6384 | 5.5 | 7.8 | 0.0079 | 2018-01-31 |
| CVE-2018-6016 | 5.5 | 7.8 | 0.0035 | 2018-03-12 |
| CVE-2018-6321 | 5.5 | 7.8 | 0.0034 | 2018-03-12 |