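CWE-1253 vulnerability list (1)

Summary of the 1 CVE associated with weakness CWE-1253, with AI analysis in Chinese.

CWE-1253 is a security-misconfiguration class weakness that arises when a system relies on an unblown fuse to maintain its secure state. Attackers typically blow the fuse by physical means, forcing its logic value from 0 to 1, and thereby bypass security mechanisms or steal keys. Developers should avoid tying critical security logic to irreversible fuse state and should use verifiable, resettable software configuration or a hardware security module, so that the system keeps its expected security baseline even if the fuse state changes.

MITRE CWE official description
CWE: CWE-1253 Incorrect Selection of Fuse Values. Description: The logic level used to set a system to a secure state relies on a fuse being unblown. Fuses are often used to store secret data, including security configuration data. When not blown, a fuse is considered to store a logic 0, and, when blown, it indicates a logic 1. Fuses are generally considered to be one-directional, i.e., once blown to logic 1, a fuse cannot be reset to logic 0.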
Common impacts (4)
Access Control, Authorization: Bypass Protection Mechanism, Gain Privileges or Assume Identity
If the logic used to determine system-security state (by leveraging the values sensed from the fuses) uses negative logic, an attacker might blow the fuse and drive the system to an insecure state.
Availability: DoS: Crash, Exit, or Restart
Confidentiality: Read Memory
Integrity: Modify Memory, Execute Unauthorized Code or Commands
Mitigations (1)
Architecture and Design: Logic should be designed in a way that blown fuses do not put the product into an insecure state that can be leveraged by an attacker.
Code examples (1)
A chip implements a secure boot and uses the sensed value of a fuse "do_secure_boot" to determine whether to perform a secure boot or not. If this fuse value is "0", the system performs secure boot. Otherwise, it does not perform secure boot. An attacker blows the "do_secure_boot" fuse to "1". After reset, the attacker loads a custom bootloader, and, since t…
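CVE ID | Title | CVSS | Risk level | Published
CVE-2023-6355 | Gallagher Controller 7000 security vulnerability — Controller 7000 | 6.8 | Medium | 2023-12-18

CWE-1253 is a common weakness category; this platform lists 1 CVE associated with this weakness.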