CWE-1334: Unauthorized Error Injection Can Degrade Hardware Redundancy
To ensure the performance and functional reliability of certain components, hardware designers can implement hardware blocks for redundancy in the case that others fail. This redundant block can be prevented from performing as intended if the design allows unauthorized agents to inject errors into it. In this way, a path with injected errors may become unavailable to serve as a redundant channel. This may put the system into a degraded mode of operation which could be exploited by a subsequent attack.
Modes of Introduction
Phase | Note |
---|---|
Architecture and Design | Such issues could be introduced during hardware architecture and design and identified later during Testing or System Configuration phases. |
Implementation | Such issues could be introduced during implementation and identified later during Testing or System Configuration phases. |
Integration | Such issues could be introduced during integration and identified later during Testing or System Configuration phases. |
Applicable Platforms
Type | Class | Name | Prevalence |
---|---|---|---|
Language | Not Language-Specific | ||
Operating_system | Not OS-Specific | ||
Architecture | Not Architecture-Specific | ||
Technology | Not Technology-Specific |
Common Attack Pattern Enumeration and Classification (CAPEC)
The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.
CAPEC at Mitre.orgCVEs Published
CVSS Severity
CVSS Severity - By Year
CVSS Base Score
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |