Difference between revisions of "Code Reuse"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "{{Infobox |header1 = Rule 801378 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Software vulnerable to code reuse attacks }} = Summary = The vulnerabilit...")

Revision as of 17:26, 1 April 2020

Rule 801378
Status Active
Alert Message Software vulnerable to code reuse attacks



The vulnerability scanner has identified that the software in your environment is not adequately hardened and could be easily exploited by a remote attacker.


The weakness that the Atomicorp platform has detected confirms that your system is vulnerable to a dangerous category of code reuse attacks. These attacks would allow an attacker to use the code in the software for an unintended purpose and thus take over the system. From there, they could remotely execute the code of their choice and cause significant damage. Example attacks could be privilege escalation, traversing to other areas of your environment, direct damage to the system causing downtime or data exfiltration...among others.

Even though the software developer for this system may have good security practices in place, using rigorous code scanning, pen testing and the like, vulnerabilities still exist. Upgrading to the latest security patch does not ensure that your systems are hardened to the fullest extent necessary.


Atomicorp has partnered with RunSafe Security to harden your system from these types of attacks. RunSafe has built a software transformation engine called Alkemist which immunizes code from these types of vulnerabilities. Alkemist can apply protections directly to your system’s code and thereby render code reuse attacks inert. Our scans indicate that this vulnerable system is an ideal candidate for Alkemist protections and can be easily deployed in place of the current system.

To initiate the hardening process, please click here to contact your Atomicorp Representative.

For additional information on RunSafe Alkemist, please visit www.runsafesecurity.com


False Positives


Tuning Guidance


Additional Information

Similar Rules


Knowledge Base Articles


Outside References




Personal tools