CWE-1239: Improper Zeroization of Hardware Register
Hardware logic operates on data stored in registers local to the hardware block. Most hardware IPs, including cryptographic accelerators, rely on registers to buffer I/O, store intermediate values, and interface with software. The result of this is that sensitive information, such as passwords or encryption keys, can exist in locations not transparent to the user of the hardware logic. When a different entity obtains access to the IP due to a change in operating mode or conditions, the new entity can extract information belonging to the previous user if no mechanisms are in place to clear register contents. It is important to clear information stored in the hardware if a physical attack on the product is detected, or if the user of the hardware block changes. The process of clearing register contents in a hardware IP is referred to as zeroization in standards for cryptographic hardware modules such as FIPS-140-2 [REF-267].
Modes of Introduction
Phase | Note |
---|---|
Architecture and Design | Lack of hardware mechanisms to zeroize or clear registers in the design or specification. |
Implementation | Mechanisms to zeroize and clear registers are in the design but implemented incorrectly. |
Operation | Hardware-provided zeroization mechanisms are not used appropriately by the IP user (ex. firmware), or data remanence issues are not taken into account. |
Applicable Platforms
Type | Class | Name | Prevalence |
---|---|---|---|
Language | Not Language-Specific | ||
Operating_system | Not OS-Specific | ||
Architecture | Not Architecture-Specific | ||
Technology | System on Chip |
Relationships
View | Weakness | |||||||
---|---|---|---|---|---|---|---|---|
# ID | View | Status | # ID | Name | Abstraction | Structure | Status | |
CWE-1000 | Research Concepts | Draft | CWE-226 | Sensitive Information in Resource Not Removed Before Reuse | Base | Simple | Draft | |
CWE-1194 | Hardware Design | Draft | CWE-226 | Sensitive Information in Resource Not Removed Before Reuse | Base | Simple | Draft |
Common Attack Pattern Enumeration and Classification (CAPEC)
The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.
CAPEC at Mitre.org