目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-1258 类漏洞列表 8

CWE-1258 类弱点 8 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-1258 属于硬件安全漏洞,源于调试模式下未彻底清除敏感系统信息。当设备进入调试状态时,若未清空存储密钥或加密中间值的临时寄存器,攻击者即可通过调试接口直接读取这些残留数据,从而窃取关键密钥或破解加密逻辑。开发者应避免在发布版本中启用调试功能,或在进入调试模式前强制清零所有敏感寄存器,确保硬件状态完全隔离,防止信息泄露。

MITRE CWE 官方描述
CWE:CWE-1258 由于未清除调试信息导致的敏感系统信息泄露 英文:当进入调试模式时,硬件未能完全清除安全敏感值(如密钥和加密操作中的中间值)。 安全敏感值、密钥、加密操作的中间步骤等存储在硬件的临时寄存器中。如果在进入调试模式时未清除这些值,调试器可能会访问它们,从而使不受信任的方能够获取敏感信息。
常见影响 (2)
ConfidentialityRead Memory
Access ControlBypass Protection Mechanism
缓解措施 (1)
Architecture and DesignWhenever debug mode is enabled, all registers containing sensitive assets must be cleared.
代码示例 (2)
A cryptographic core in a System-On-a-Chip (SoC) is used for cryptographic acceleration and implements several cryptographic operations (e.g., computation of AES encryption and decryption, SHA-256, HMAC, etc.). The keys for these operations or the intermediate values are stored in registers internal to the cryptographic core. These internal registers are in the Memory Mapped Input Output (MMIO) sp…
In the above scenario, registers that store keys and intermediate values of cryptographic operations are not cleared when system enters debug mode. An untrusted actor running a debugger may read the contents of these registers and gain access to secret keys and other sensitive cryptographic information.
Bad · Other
Whenever the chip enters debug mode, all registers containing security-sensitive data are be cleared rendering them unreadable.
Good · Other
The following code example is extracted from the AES wrapper module, aes1_wrapper, of the Hack@DAC'21 buggy OpenPiton System-on-Chip (SoC). Within this wrapper module are four memory-mapped registers: core_key, core_key0, core_key1, and core_key2. Core_key0, core_key1, and core_key2 hold encryption/decryption keys. The core_key register selects a key and sends it to the underlying AES module to ex…
module aes1_wrapper #( ... assign core_key0 = debug_mode_i ? 'b0 : { key_reg0[7], key_reg0[6], key_reg0[5], key_reg0[4], key_reg0[3], key_reg0[2], key_reg0[1], key_reg0[0]}; assign core_key1 = { key_reg1[7], key_reg1[6], key_reg1[5], key_reg1[4], key_reg1[3], key_reg1[2], key_reg1[1], key_reg1[0]}; ... endmodule
Bad · Verilog
module aes1_wrapper #( ... assign core_key0 = debug_mode_i ? 'b0 : { key_reg0[7], key_reg0[6], key_reg0[5], key_reg0[4], key_reg0[3], key_reg0[2], key_reg0[1], key_reg0[0]}; assign core_key1 = debug_mode_i ? 'b0 : { key_reg1[7], key_reg1[6], key_reg1[5], key_reg1[4], key_reg1[3], key_reg1[2], key_reg1[1], key_reg1[0]}; ... endmodule
Good · Verilog
CVE ID标题CVSS风险等级Published
CVE-2025-14551 Canonical Subiquity 安全漏洞 — Ubuntu 6.2AIMediumAI2026-04-09
CVE-2025-15480 Ubuntu Desktop Provision 安全漏洞 — Ubuntu 5.5AIMediumAI2026-04-09
CVE-2026-26948 Dell Integrated Dell Remote Access Controller 安全漏洞 — Integrated Dell Remote Access Controller 4.9 Medium2026-03-18
CVE-2025-26482 Dell PowerEdge Server BIOS和Dell iDRAC9 安全漏洞 — PowerEdge R770 4.9 Medium2025-09-25
CVE-2025-32257 WordPress plugin 1 Click WordPress Migration 安全漏洞 — 1 Click WordPress Migration 5.3 Medium2025-04-04
CVE-2023-48308 Nextcloud 安全漏洞 — security-advisories 3.5 Low2023-12-21
CVE-2022-39292 Slack Morphism 安全漏洞 — slack-morphism-rust 7.5 High2022-10-10
CVE-2022-31162 Slack Morphism 安全漏洞 — slack-morphism-rust 7.5 High2022-07-21

CWE-1258 是常见的弱点类别,本平台收录该类弱点关联的 8 条 CVE 漏洞。