A04:2025 — Cryptographic Failures

Q: What are Cryptographic Failures (OWASP A04:2025)?

OWASP A04:2025 covers failures in cryptography: weak algorithms, hardcoded keys, missing encryption, and cleartext data transmission that expose sensitive information.

Verified by Precogs Threat Research

OWASP Web 2025Rank #4

What are Cryptographic Failures (OWASP A04:2025)?

Failures related to cryptography that lead to exposure of sensitive data or system compromise. This includes transmitting data in cleartext, using deprecated algorithms (MD5, SHA-1, DES), weak key generation, and missing encryption of sensitive data at rest or in transit.

Impact

A leading cause of sensitive data exposure. Violations of PCI-DSS, HIPAA, GDPR when cryptography protecting personal or financial data is inadequate.

Related CWEs

CWE-259 ↗
CWE-327 — View in Precogs Hub
CWE-331 ↗
CWE-798 — View in Precogs Hub

How Precogs AI Addresses A04

Precogs AI Binary SAST identifies weak cryptographic algorithms, hardcoded encryption keys, and missing encryption in compiled binaries — critical for firmware compliance.

Scan for A04 Risks Book a demo

A04:2025 — Cryptographic Failures

What are Cryptographic Failures (OWASP A04:2025)?

Impact

Related CWEs

Risk Overview

Quick Links

Protect Against A04

How Precogs AI Addresses A04

A04:2025 — Cryptographic Failures

What are Cryptographic Failures (OWASP A04:2025)?

Impact

Related CWEs

Related Resources

🔍 Related CWE Entries

🛡️ Notable Vulnerabilities

🔗 External References

Risk Overview

Quick Links

Protect Against A04

How Precogs AI Addresses A04