BaseIncomplete

CWE-1431Driving Intermediate Cryptographic State/Results to Hardware Module Outputs

Category: other

Description

The product uses a hardware module implementing a cryptographic algorithm that writes sensitive information about the intermediate state or results of its cryptographic operations via one of its output wires (typically the output port containing the final result).

Common consequences· 1

  • Confidentiality — Read Memory, Read Application Data

Potential mitigations· 2

  • [Architecture and Design]
  • [Implementation]

References

  1. https://cwe.mitre.org/data/definitions/1431.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Hardware Logic with Insecure De-Synchronization between Control and Data Channels
CWE
Missing Security-Relevant Feedback for Unexecuted Operations in Hardware Interface
CWE
Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
CWE
Improper Protection of Physical Side Channels
CWE
Cleartext Transmission of Sensitive Information
CWE
Cleartext Storage of Sensitive Information in Memory
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.