Base · Incomplete

CWE-1264: Hardware Logic with Insecure De-Synchronization between Control and Data Channels

Category: logic

Description

The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.

Common consequences · 1

  • Confidentiality — Read Memory, Read Application Data

Potential mitigations · 1

  • [Architecture and Design]

Related CAPEC attack patterns · 2

CAPEC-233, CAPEC-663

References

  1. https://cwe.mitre.org/data/definitions/1264.html

Exploits (incoming) · 2

Type | Target | Confidence | Tier
AttackPattern | Exploitation of Transient Instruction Execution (capec-663) | 100% | live
AttackPattern | Privilege Escalation (capec-233) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Missing Security-Relevant Feedback for Unexecuted Operations in Hardware Interface
  • CWE: Hardware Logic Contains Race Conditions
  • CWE: Driving Intermediate Cryptographic State/Results to Hardware Module Outputs
  • CWE: Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
  • CWE: Improper Protection Against Voltage and Clock Glitches
  • CWE: Incorrect Decoding of Security Identifiers
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.