CWE-1264
Hardware Logic with Insecure De-Synchronization between Control and Data Channels
Incomplete
2020-02-24
00h00 +00:00
00h00 +00:00
2023-06-29
00h00 +00:00
00h00 +00:00
Notifiche per un CWE specifico
Rimani informato su qualsiasi modifica relativa a un CWE specifico.
Nome: Hardware Logic with Insecure De-Synchronization between Control and Data Channels
The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.
General Informations
Modes Of Introduction
Architecture and Design : The weakness can be introduced in the data transfer or bus protocol itself or in the implementation.Implementation
Piattaforme applicabili
Linguaggio
Class: Not Language-Specific (Undetermined)Sistemi operativi
Class: Not OS-Specific (Undetermined)Architetture
Class: Not Architecture-Specific (Undetermined)Tecnologie
Class: Not Technology-Specific (Undetermined)Conseguenze comuni
| Ambito | Impatto | Probabilità |
|---|---|---|
| Confidentiality | Read Memory, Read Application Data |
Esempi osservati
| Riferimenti | Descrizione |
|---|---|
CVE-2017-5754 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. |
Potential Mitigations
Phases : Architecture and DesignNote sulla mappatura delle vulnerabilità
Giustificazione : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Commento : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Pattern di attacco correlati
| CAPEC-ID | Nome del pattern di attacco |
|---|---|
| CAPEC-233 | Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform. |
| CAPEC-663 | Exploitation of Transient Instruction Execution
An adversary exploits a hardware design flaw in a CPU implementation of transient instruction execution to expose sensitive data and bypass/subvert access control over restricted resources. Typically, the adversary conducts a covert channel attack to target non-discarded microarchitectural changes caused by transient executions such as speculative execution, branch prediction, instruction pipelining, and/or out-of-order execution. The transient execution results in a series of instructions (gadgets) which construct covert channel and access/transfer the secret data. |
Note
As of CWE 4.9, members of the CWE Hardware SIG are closely analyzing this entry and others to improve CWE's coverage of transient execution weaknesses, which include issues related to Spectre, Meltdown, and other attacks. Additional investigation may include other weaknesses related to microarchitectural state. As a result, this entry might change significantly in CWE 4.10.Invio
| Nome | Organizzazione | Data | Data di rilascio | Version |
|---|---|---|---|---|
| Nicole Fern | Cycuity (originally submitted as Tortuga Logic) | 4.1 |
Modifiche
| Nome | Organizzazione | Data | Commento |
|---|---|---|---|
| CWE Content Team | MITRE | updated Description, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Weakness_Ordinalities | |
| CWE Content Team | MITRE | updated Maintenance_Notes | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes |
