Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1258 — Vulnerability Class 8

8 vulnerabilities classified as CWE-1258. AI Chinese analysis included.

CWE-1258 represents a critical hardware-level weakness where security-sensitive data, such as cryptographic keys and intermediate computation values, remains exposed in temporary registers when a device enters debug mode. This vulnerability is typically exploited by attackers who gain physical or remote access to the debug interface, allowing them to read these uncleared memory states and extract confidential information without needing to break the cryptographic algorithms themselves. To mitigate this risk, developers must implement rigorous hardware design practices that ensure all sensitive registers are automatically cleared or masked upon entering any debug state. Additionally, secure boot processes and strict access controls for debug ports are essential to prevent unauthorized entry into these modes, ensuring that transient security data does not persist in a way that compromises the entire system’s integrity.

MITRE CWE Description
The hardware does not fully clear security-sensitive values, such as keys and intermediate values in cryptographic operations, when debug mode is entered. Security sensitive values, keys, intermediate steps of cryptographic operations, etc. are stored in temporary registers in the hardware. If these values are not cleared when debug mode is entered they may be accessed by a debugger allowing sensitive information to be accessible by untrusted parties.
Common Consequences (2)
ConfidentialityRead Memory
Access ControlBypass Protection Mechanism
Mitigations (1)
Architecture and DesignWhenever debug mode is enabled, all registers containing sensitive assets must be cleared.
Examples (2)
A cryptographic core in a System-On-a-Chip (SoC) is used for cryptographic acceleration and implements several cryptographic operations (e.g., computation of AES encryption and decryption, SHA-256, HMAC, etc.). The keys for these operations or the intermediate values are stored in registers internal to the cryptographic core. These internal registers are in the Memory Mapped Input Output (MMIO) sp…
In the above scenario, registers that store keys and intermediate values of cryptographic operations are not cleared when system enters debug mode. An untrusted actor running a debugger may read the contents of these registers and gain access to secret keys and other sensitive cryptographic information.
Bad · Other
Whenever the chip enters debug mode, all registers containing security-sensitive data are be cleared rendering them unreadable.
Good · Other
The following code example is extracted from the AES wrapper module, aes1_wrapper, of the Hack@DAC'21 buggy OpenPiton System-on-Chip (SoC). Within this wrapper module are four memory-mapped registers: core_key, core_key0, core_key1, and core_key2. Core_key0, core_key1, and core_key2 hold encryption/decryption keys. The core_key register selects a key and sends it to the underlying AES module to ex…
module aes1_wrapper #( ... assign core_key0 = debug_mode_i ? 'b0 : { key_reg0[7], key_reg0[6], key_reg0[5], key_reg0[4], key_reg0[3], key_reg0[2], key_reg0[1], key_reg0[0]}; assign core_key1 = { key_reg1[7], key_reg1[6], key_reg1[5], key_reg1[4], key_reg1[3], key_reg1[2], key_reg1[1], key_reg1[0]}; ... endmodule
Bad · Verilog
module aes1_wrapper #( ... assign core_key0 = debug_mode_i ? 'b0 : { key_reg0[7], key_reg0[6], key_reg0[5], key_reg0[4], key_reg0[3], key_reg0[2], key_reg0[1], key_reg0[0]}; assign core_key1 = debug_mode_i ? 'b0 : { key_reg1[7], key_reg1[6], key_reg1[5], key_reg1[4], key_reg1[3], key_reg1[2], key_reg1[1], key_reg1[0]}; ... endmodule
Good · Verilog
CVE IDTitleCVSSSeverityPublished
CVE-2025-14551 Senstive information disclosure was affecting subiquity — Ubuntu 6.2AIMediumAI2026-04-09
CVE-2025-15480 Senstive information disclosure was affecting ubuntu-desktop-provision — Ubuntu 5.5AIMediumAI2026-04-09
CVE-2026-26948 Dell Integrated Dell Remote Access Controller 安全漏洞 — Integrated Dell Remote Access Controller 4.9 Medium2026-03-18
CVE-2025-26482 Dell PowerEdge Server BIOS和Dell iDRAC9 安全漏洞 — PowerEdge R770 4.9 Medium2025-09-25
CVE-2025-32257 WordPress 1 Click WordPress Migration plugin <= 2.5.7 - Sensitive Data Exposure vulnerability — 1 Click WordPress Migration 5.3 Medium2025-04-04
CVE-2023-48308 Calendar app returns full stacktrace when an error happens while editing appointment — security-advisories 3.5 Low2023-12-21
CVE-2022-39292 Exposure of sensitive Slack webhook URLs in debug logs and traces — slack-morphism-rust 7.5 High2022-10-10
CVE-2022-31162 Slack Morphism for Rust before 0.41.0 can accidentally leak Slack OAuth client information in application debug logs — slack-morphism-rust 7.5 High2022-07-21

Vulnerabilities classified as CWE-1258 represent 8 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.