1. Home
  2. Weaknesses
  3. CWE-1334

CWE-1334: Unauthorized Error Injection Can Degrade Hardware Redundancy

ID CWE-1334
Abstraction Base
Structure Simple
Status Draft
Number of CVEs 1
Detail CAPEC Dashboard Vulnerabilities Web & Social
An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode.

To ensure the performance and functional reliability of certain components, hardware designers can implement hardware blocks for redundancy in the case that others fail. This redundant block can be prevented from performing as intended if the design allows unauthorized agents to inject errors into it. In this way, a path with injected errors may become unavailable to serve as a redundant channel. This may put the system into a degraded mode of operation which could be exploited by a subsequent attack.

Modes of Introduction

Phase Note
Architecture and Design Such issues could be introduced during hardware architecture and design and identified later during Testing or System Configuration phases.
Implementation Such issues could be introduced during implementation and identified later during Testing or System Configuration phases.
Integration Such issues could be introduced during integration and identified later during Testing or System Configuration phases.

Applicable Platforms

Type Class Name Prevalence
Language Not Language-Specific
Operating_system Not OS-Specific
Architecture Not Architecture-Specific
Technology Not Technology-Specific

Relationships

View Weakness
# ID View Status # ID Name Abstraction Structure Status
CWE-1000 Research Concepts Draft CWE-284 Improper Access Control Pillar Simple Incomplete

Common Attack Pattern Enumeration and Classification (CAPEC)

The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.

CAPEC at Mitre.org
# ID Name Weaknesses
CAPEC-624 Hardware Fault Injection CWE-1334
CAPEC-625 Mobile Device Fault Injection CWE-1334

CVEs Published

Based on CVE published date

CVSS Severity

CVSS Severity - By Year

CVSS Base Score

# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date