CWE-1264
Hardware Logic with Insecure De-Synchronization between Control and Data Channels
Incomplete
2020-02-24
00h00 +00:00
00h00 +00:00
2023-06-29
00h00 +00:00
00h00 +00:00
Meldingen voor een CWE
Blijf op de hoogte van wijzigingen voor een specifieke CWE.
Naam: Hardware Logic with Insecure De-Synchronization between Control and Data Channels
The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.
Algemene informatie
Introductiemodi
Architecture and Design : The weakness can be introduced in the data transfer or bus protocol itself or in the implementation.Implementation
Toepasselijke platforms
Taal
Class: Not Language-Specific (Undetermined)Besturingssystemen
Class: Not OS-Specific (Undetermined)Architecturen
Class: Not Architecture-Specific (Undetermined)Technologieën
Class: Not Technology-Specific (Undetermined)Veelvoorkomende gevolgen
| Bereik | Impact | Waarschijnlijkheid |
|---|---|---|
| Confidentiality | Read Memory, Read Application Data |
Waargenomen voorbeelden
| Referenties | Beschrijving |
|---|---|
CVE-2017-5754 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. |
Mogelijke risicobeperkingen
Phases : Architecture and DesignNotities kwetsbaarheidsmapping
Rechtvaardiging : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Opmerking : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Gerelateerde aanvalspatronen
| CAPEC-ID | Naam aanvalspatroon |
|---|---|
| CAPEC-233 | Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform. |
| CAPEC-663 | Exploitation of Transient Instruction Execution
An adversary exploits a hardware design flaw in a CPU implementation of transient instruction execution to expose sensitive data and bypass/subvert access control over restricted resources. Typically, the adversary conducts a covert channel attack to target non-discarded microarchitectural changes caused by transient executions such as speculative execution, branch prediction, instruction pipelining, and/or out-of-order execution. The transient execution results in a series of instructions (gadgets) which construct covert channel and access/transfer the secret data. |
Notities
As of CWE 4.9, members of the CWE Hardware SIG are closely analyzing this entry and others to improve CWE's coverage of transient execution weaknesses, which include issues related to Spectre, Meltdown, and other attacks. Additional investigation may include other weaknesses related to microarchitectural state. As a result, this entry might change significantly in CWE 4.10.Indiening
| Naam | Organisatie | Datum | Releasedatum | Version |
|---|---|---|---|---|
| Nicole Fern | Cycuity (originally submitted as Tortuga Logic) | 4.1 |
Wijzigingen
| Naam | Organisatie | Datum | Opmerking |
|---|---|---|---|
| CWE Content Team | MITRE | updated Description, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Weakness_Ordinalities | |
| CWE Content Team | MITRE | updated Maintenance_Notes | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes |
