CWE-1264
Hardware Logic with Insecure De-Synchronization between Control and Data Channels
Incomplete
2020-02-24
00h00 +00:00
00h00 +00:00
2023-06-29
00h00 +00:00
00h00 +00:00
Notificaciones para un CWE
Manténgase informado sobre cualquier cambio en un CWE específico.
Nombre: Hardware Logic with Insecure De-Synchronization between Control and Data Channels
The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.
Informaciones generales
Modos de introducción
Architecture and Design : The weakness can be introduced in the data transfer or bus protocol itself or in the implementation.Implementation
Plataformas aplicables
Lenguaje
Class: Not Language-Specific (Undetermined)Sistemas operativos
Class: Not OS-Specific (Undetermined)Arquitecturas
Class: Not Architecture-Specific (Undetermined)Tecnologías
Class: Not Technology-Specific (Undetermined)Consecuencias comunes
| Alcance | Impacto | Probabilidad |
|---|---|---|
| Confidentiality | Read Memory, Read Application Data |
Ejemplos observados
| Referencias | Descripción |
|---|---|
CVE-2017-5754 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. |
Mitigaciones potenciales
Phases : Architecture and DesignNotas de mapeo de vulnerabilidades
Justificación : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Comentario : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Patrones de ataque relacionados
| CAPEC-ID | Nombre del patrón de ataque |
|---|---|
| CAPEC-233 | Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform. |
| CAPEC-663 | Exploitation of Transient Instruction Execution
An adversary exploits a hardware design flaw in a CPU implementation of transient instruction execution to expose sensitive data and bypass/subvert access control over restricted resources. Typically, the adversary conducts a covert channel attack to target non-discarded microarchitectural changes caused by transient executions such as speculative execution, branch prediction, instruction pipelining, and/or out-of-order execution. The transient execution results in a series of instructions (gadgets) which construct covert channel and access/transfer the secret data. |
Notas
As of CWE 4.9, members of the CWE Hardware SIG are closely analyzing this entry and others to improve CWE's coverage of transient execution weaknesses, which include issues related to Spectre, Meltdown, and other attacks. Additional investigation may include other weaknesses related to microarchitectural state. As a result, this entry might change significantly in CWE 4.10.Envío
| Nombre | Organización | Fecha | Fecha de lanzamiento | Version |
|---|---|---|---|---|
| Nicole Fern | Cycuity (originally submitted as Tortuga Logic) | 4.1 |
Modificaciones
| Nombre | Organización | Fecha | Comentario |
|---|---|---|---|
| CWE Content Team | MITRE | updated Description, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Weakness_Ordinalities | |
| CWE Content Team | MITRE | updated Maintenance_Notes | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes |
