BaseStable
CWE-1332Improper Handling of Faults that Lead to Instruction Skips
Category: other
Description
The device is missing or incorrectly implements circuitry or sensors that detect and mitigate the skipping of security-critical CPU instructions when they occur.
Common consequences· 1
- Confidentiality / Integrity / Authentication — Bypass Protection Mechanism, Alter Execution Logic, Unexpected StateDepending on the context, instruction skipping can have a broad range of consequences related to the generic bypassing of security critical code.
Potential mitigations· 5
- [Architecture and Design]Design strategies for ensuring safe failure if inputs, such as Vcc, are modified out of acceptable ranges.
- [Architecture and Design]Design strategies for ensuring safe behavior if instructions attempt to be skipped.
- [Architecture and Design]Identify mission critical secrets that should be wiped if faulting is detected, and design a mechanism to do the deletion.
- [Implementation]Add redundancy by performing an operation multiple times, either in space or time, and perform majority voting. Additionally, make conditional instruction timing unpredictable.
- [Implementation]Use redundant operations or canaries to detect and respond to faults.
Related CAPEC attack patterns· 2
References
Exploits (incoming)2
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Mobile Device Fault Injectioncapec-625 | 100% | live |
| AttackPattern | Hardware Fault Injectioncapec-624 | 100% | live |
(incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-8028cve-2025-8028 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.