The product appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security policy of the user or the system administrator.
View on MITREMost antivirus software scans for Trojan Horses.
Verify the integrity of the product that is being installed.
No detection method information available for this CWE.
No examples or observed CVEs available for this CWE.
CWE-507: Trojan Horse is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security policy of the user or the system administrator.
If exploited, CWE-507 (Trojan Horse) it can compromise Confidentiality, Integrity and Availability, leading to outcomes such as Execute Unauthorized Code or Commands.
Recommended mitigations for CWE-507 include: Most antivirus software scans for Trojan Horses. Verify the integrity of the product that is being installed.
A CWE (Common Weakness Enumeration) like CWE-507 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.