Base | Incomplete

CWE-1342: Information Exposure through Microarchitectural State after Transient Execution

Category: data-exposure

Description

The processor does not properly clear microarchitectural state after incorrect microcode assists or speculative execution, resulting in transient execution.

Common consequences· 1

  • Confidentiality / Integrity — Modify Memory, Read Memory, Execute Unauthorized Code or Commands

Potential mitigations· 2

  • [Architecture and Design, Requirements] Hardware ensures that no illegal data flows from faulting micro-ops exist at the microarchitectural level.
  • [Build and Compilation] Include instructions that explicitly remove traces of unneeded computations from software interactions with microarchitectural elements, e.g., lfence, sfence, mfence, clflush.

Related CAPEC attack patterns· 1

CAPEC-696

References

  1. https://cwe.mitre.org/data/definitions/1342.html

Exploits (incoming)· 1

Type | Target | Confidence | Tier
AttackPattern | Load Value Injection (capec-696) | 100% | live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Exposure of Sensitive Information during Transient Execution
  • CWE: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
  • CWE: Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
  • CWE: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
  • CWE: Exposure of Sensitive System Information Due to Uncleared Debug Information
  • CWE: Sensitive Information Uncleared Before Debug/Power State Transition

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.