CWE-1039: Inadequate Detection or Handling of Adversarial Input Perturbations in Automated Recognition Mechanism
low-riskThe product uses an automated mechanism such as machine learning to recognize complex data inputs (e.g. image or audio) as a particular concept or category, but it does not properly detect or handle inputs that have been modified or constructed in a way that causes the mechanism to detect a different, incorrect concept.
Abstraction: Class
Common Consequences
Integrity
→
Bypass Protection Mechanism
Availability
→
DoS: Resource Consumption (Other)
Confidentiality
→
Read Application Data
Other
→
Varies by Context
Detection Methods
Dynamic Analysis with Manual Results Interpretation
Use indicators from model performance deviations such as sudden drops in accuracy or unexpected outputs to verify the model.
Dynamic Analysis with Manual Results Interpretation
Use indicators from input data collection mechanisms to verify that inputs are statistically within the distribution of the training and test data.
Architecture or Design Review
Use multiple models or model ensembling techniques to check for consistency of predictions/inferences.
Real-World Examples (2)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2025-26644 | 5.1 | 0.3% | — |
| CVE-2023-20071 | 5.8 | 0.0% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal