CWE-561: Dead Code
low-riskThe product contains dead code, which can never be executed.
Common Consequences
Detection Methods
According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.) Formal Methods / Correct-By-Construction Cost effective for partial coverage: Attack Modeling
According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Binary / Bytecode Quality Analysis Compare binary / bytecode to application permission manifest
According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Automated Monitored Execution
According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Permission Manifest Analysis
According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Source Code Quality Analyzer Cost effective for partial coverage: Warning Flags Source code Weakness Analyzer Context-configured Source Code Weakness Analyzer
According to SOAR [REF-1479], the following detection techniques may be useful: Cost effective for partial coverage: Web Application Scanner Web Services Scanner Database Scanners
According to SOAR [REF-1479], the following detection techniques may be useful: Highly cost effective: Manual Source Code Review (not inspections) Cost effective for partial coverage: Focused Manual Spotcheck - Focused manual analysis of source
Real-World Examples (8)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2025-34205 | 9.8 | 6.4% | — |
| CVE-2018-0039 | 6.5 | 0.2% | — |
| CVE-2024-32634 | 6.1 | 0.2% | — |
| CVE-2021-25398 | 3.3 | 0.1% | — |
| CVE-2022-30748 | 4.0 | 0.1% | — |
| CVE-2024-8300 | 7.0 | 0.0% | — |
| CVE-2022-33726 | 3.3 | 0.0% | — |
| CVE-2022-33685 | 4.0 | 0.0% | — |