CWE-428: Unquoted Search Path or Element

Abstraction: Base · CVEs in our corpus: 449

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

If a malicious individual has access to the file system, they can elevate privileges by inserting a file such as "C:\Program.exe", which is then run by a privileged program that makes use of WinExec.

Last updated: 04 July 2026 08:17 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: mostly · 1 mapping(s) from 1 framework(s): ATT&CK 1 (mostly)

NIST 800-53 r5 controls that address this weakness (0) AI

Control Title Family Why it addresses this CWE
No NIST controls proposed yet.

MITRE ATT&CK techniques this weakness enables

Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.

Direction: other covers this; this covers other (F/M/P = full / mostly / partial).

Top CVEs of this weakness type, ranked by Risk Priority

CVE                  Risk  CVSS  EPSS    Published
CVE-2023-38408       8.0   9.8   0.7677  2023-07-20
CVE-2019-8459        7.0   9.8   0.0119  2019-06-20
CVE-2019-17658       7.0   9.8   0.0218  2020-03-12
CVE-2020-9292        7.0   9.8   0.0155  2020-06-04
CVE-2022-36344       7.0   9.8   0.0074  2022-08-16
CVE-2024-24722 UPD   7.0   9.1   0.0061  2024-02-19
CVE-2022-50935       7.0   9.8   0.0036  2026-01-13
CVE-2020-15261       6.0   8.0   0.1112  2020-10-19
CVE-2016-5793        5.5   8.8   0.0038  2016-09-24
CVE-2016-6935        5.5   7.8   0.0077  2016-10-13
CVE-2016-8225        5.5   7.8   0.0035  2017-01-26
CVE-2017-3005        5.5   7.8   0.0090  2017-04-12
CVE-2017-7180        5.5   7.3   0.0105  2017-06-08
CVE-2017-9247        5.5   7.8   0.0030  2017-08-02
CVE-2017-3751        5.5   7.8   0.0037  2017-08-10
CVE-2017-9644        5.5   7.0   0.0141  2017-08-25
CVE-2017-3757        5.5   7.8   0.0037  2017-08-29
CVE-2017-13993       5.5   7.8   0.0176  2017-10-05
CVE-2017-12730       5.5   7.8   0.0073  2017-10-06
CVE-2017-15383       5.5   7.8   0.0046  2017-10-16
CVE-2017-14030       5.5   7.8   0.0037  2018-01-12
CVE-2017-1000475     5.5   7.8   0.0063  2018-01-24
CVE-2018-6384        5.5   7.8   0.0079  2018-01-31
CVE-2018-6016        5.5   7.8   0.0035  2018-03-12
CVE-2018-6321        5.5   7.8   0.0034  2018-03-12