Modes d'introduction
Implementation
Plateformes applicables
Langue
Class: Not Language-Specific (Undetermined)
Systèmes d’exploitation
Class: Not OS-Specific (Undetermined)
Architectures
Class: Not Architecture-Specific (Undetermined)
Technologies
Class: Not Technology-Specific (Undetermined)
Conséquences courantes
Portée |
Impact |
Probabilité |
Confidentiality | Read Memory, Read Application Data | |
Exemples observés
Références |
Description |
| Firmware Data Deletion Vulnerability in which a base station factory reset might not delete all user information. The impact of this enables a new owner of a used device that has been "factory-default reset" with a vulnerable firmware version can still retrieve, at least, the previous owner's wireless network name, and the previous owner's wireless security (such as WPA2) key. This issue was addressed with improved, data deletion. |
Mesures d’atténuation potentielles
Phases : Architecture and Design
Apply blinding or masking techniques to implementations of cryptographic algorithms.
Phases : Implementation
Alter the method of erasure, add protection of media, or destroy the media to protect the data.
Notes de cartographie des vulnérabilités
Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Commentaire : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Modèles d'attaque associés
CAPEC-ID |
Nom du modèle d'attaque |
CAPEC-37 |
Retrieve Embedded Sensitive Data An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack. |
NotesNotes
This entry is still under development and will continue to see updates and content improvements.
Références
REF-1117
Introduction to differential power analysis and related attacks
Paul Kocher, Joshua Jaffe, Benjamin Jun.
https://www.rambus.com/wp-content/uploads/2015/08/DPATechInfo.pdf REF-1118
The EM Side-Channel(s)
Dakshi Agrawal, Bruce Archambeault, Josyula R. Rao, Pankaj Rohatgi.
https://link.springer.com/content/pdf/10.1007/3-540-36400-5_4.pdf REF-1119
RSA key extraction via low-bandwidth acoustic cryptanalysis
Daniel Genkin, Adi Shamir, Eran Tromer.
https://www.iacr.org/archive/crypto2014/86160149/86160149.pdf REF-1120
Power Analysis for Cheapskates
Colin O'Flynn.
https://media.blackhat.com/eu-13/briefings/OFlynn/bh-eu-13-for-cheapstakes-oflynn-wp.pdf REF-1055
Data Remanence in Semiconductor Devices
Peter Gutmann.
https://www.usenix.org/legacy/events/sec01/full_papers/gutmann/gutmann.pdf
Soumission
Nom |
Organisation |
Date |
Date de publication |
Version |
Nicole Fern |
Cycuity (originally submitted as Tortuga Logic) |
2020-05-29 +00:00 |
2020-08-20 +00:00 |
4.2 |
Modifications
Nom |
Organisation |
Date |
Commentaire |
CWE Content Team |
MITRE |
2020-12-10 +00:00 |
updated Relationships |
CWE Content Team |
MITRE |
2021-07-20 +00:00 |
updated Related_Attack_Patterns |
CWE Content Team |
MITRE |
2021-10-28 +00:00 |
updated Description |
CWE Content Team |
MITRE |
2023-04-27 +00:00 |
updated References, Relationships |
CWE Content Team |
MITRE |
2023-06-29 +00:00 |
updated Mapping_Notes |
CWE Content Team |
MITRE |
2023-10-26 +00:00 |
updated Observed_Examples |