The product receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causing an incorrect number or value to be used.
View on MITRENo mitigation information available for this CWE.
Because byte ordering bugs are usually very noticeable even with normal inputs, this bug is more likely to occur in rarely triggered error conditions, making them difficult to detect using black box methods.
No examples or observed CVEs available for this CWE.
No relationship information available for this CWE.
CWE-198: Use of Incorrect Byte Ordering is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causing an incorrect number or value to be used.
If exploited, CWE-198 (Use of Incorrect Byte Ordering) it can compromise Integrity, leading to outcomes such as Unexpected State.
CWE-198 can be detected using Black Box. Combining automated tooling with manual review typically yields the best coverage.
CWE-198 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
A CWE (Common Weakness Enumeration) like CWE-198 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.