The software initializes critical internal variables or data stores using inputs that can be modified by untrusted actors.