CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI)

Base Incomplete Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

常见后果

影响范围: Confidentiality Integrity Access Control Availability

技术影响: Modify Memory Read Memory Gain Privileges or Assume Identity Bypass Protection Mechanism Execute Unauthorized Code or Commands

潜在缓解措施

阶段: Architecture and Design Implementation

观察示例

参考: CVE-2020-27211

Chain: microcontroller system-on-chip uses a register value stored in flash to set product protection state on the memory bus and does not contain protection against fault injection (CWE-1319) which leads to an incorrect initialization of the memory bus (CWE-1419) causing the product to be in an unprotected state.

引入模式

阶段	说明
Architecture and Design	-
Implementation	-

适用平台

编程语言

Not Language-Specific (Undetermined)

操作系统

Not OS-Specific (Undetermined)

技术

System on Chip (Undetermined) Microcontroller Hardware (Undetermined) Memory Hardware (Undetermined) Power Management Hardware (Undetermined) Processor Hardware (Undetermined) Test/Debug Hardware (Undetermined) Sensor Hardware (Undetermined)

关键信息

CWE ID: CWE-1319

抽象级别: Base

结构: Simple

状态: Incomplete

CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI)

弱点描述

常见后果

潜在缓解措施

观察示例

引入模式

适用平台

编程语言

操作系统

技术

关键信息

相关弱点

相关攻击模式

CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI)

弱点描述

常见后果

潜在缓解措施

观察示例

引入模式

适用平台

编程语言

操作系统

技术

关键信息

相关弱点

ChildOf CWE-693

相关攻击模式