Base · Incomplete

CWE-1243: Sensitive Non-Volatile Information Not Protected During Debug

Category: data-exposure

Description

Access to security-sensitive information stored in fuses is not limited during debug.

Common consequences · 1

  • Confidentiality / Access Control — Modify Memory, Read Memory, Bypass Protection Mechanism
    If these locations are not blocked during debug operations, it can allow a user to access this sensitive information.

Potential mitigations · 1

  • [Architecture and Design, Implementation]

Related CAPEC attack patterns · 2

CAPEC-116, CAPEC-545

References

  1. https://cwe.mitre.org/data/definitions/1243.html

Exploits (incoming) · 2

Type           Target                                        Confidence  Tier
AttackPattern  Excavation (capec-116)                        100%        live
AttackPattern  Pull Data from System Resources (capec-545)   100%        live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Exposure of Sensitive System Information Due to Uncleared Debug Information
  • CWE: Sensitive Information Uncleared Before Debug/Power State Transition
  • CWE: Hardware Internal or Debug Modes Allow Override of Locks
  • CWE: Internal Asset Exposed to Unsafe Debug Access Level or State
  • CWE: On-Chip Debug and Test Interface With Improper Access Control
  • CWE: Semiconductor Defects in Hardware Logic with Security-Sensitive Implications

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.