
CWE-1332 — Vulnerability Class (2)

2 vulnerabilities classified as CWE-1332. AI Chinese analysis included.

CWE-1332 represents a hardware-level weakness where a device fails to properly handle faults that cause security-critical CPU instructions to be skipped. This vulnerability typically arises from environmental changes or hardware anomalies that disrupt normal execution flow, allowing attackers to bypass essential security checks or integrity verifications. By exploiting these instruction skips, adversaries can potentially execute unauthorized code or manipulate system state without detection. To mitigate this risk, developers must ensure robust circuitry and sensors are implemented to detect and mitigate such faults. Rigorous hardware validation, including fault injection testing under varying operating conditions, helps identify these gaps. Additionally, employing error-correcting codes and redundant execution paths ensures that critical instructions are not silently skipped, maintaining the integrity of security mechanisms against physical or environmental tampering.

MITRE CWE Description
The device is missing or incorrectly implements circuitry or sensors that detect and mitigate the skipping of security-critical CPU instructions when they occur. The operating conditions of hardware may change in ways that cause unexpected behavior to occur, including the skipping of security-critical CPU instructions. Generally, this can occur due to electrical disturbances or when the device operates outside of its expected conditions. In practice, application code may contain conditional branches that are security-sensitive (e.g., accepting or rejecting a user-provided password). These conditional branches are typically implemented by a single conditional branch instruction in the program binary which, if skipped, may lead to effectively flipping the branch condition - i.e., causing the wrong security-sensitive branch to be taken. This affects processes such as firmware authentication, password verification, and other security-sensitive decision points. Attackers can use fault injection techniques to alter the operating conditions of hardware so that security-critical instructions are skipped more frequently or more reliably than they would in a "natural" setting.
Common Consequences (1)
Confidentiality, Integrity, Authentication: Bypass Protection Mechanism, Alter Execution Logic, Unexpected State
Depending on the context, instruction skipping can have a broad range of consequences related to the generic bypassing of security critical code.
Mitigations (5)
Architecture and Design: Design strategies for ensuring safe failure if inputs, such as Vcc, are modified out of acceptable ranges.
Architecture and Design: Design strategies for ensuring safe behavior if instructions attempt to be skipped.
Architecture and Design: Identify mission critical secrets that should be wiped if faulting is detected, and design a mechanism to do the deletion.
Implementation: Add redundancy by performing an operation multiple times, either in space or time, and perform majority voting. Additionally, make conditional instruction timing unpredictable.
Implementation: Use redundant operations or canaries to detect and respond to faults.
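The two Implementation mitigations above, applied to the password-style decision from the MITRE description, as an added example that is not MITRE's or this site's code. The function names, verdict constants, sample PINs and the software fault model (one branch decision inverted per run, standing in for a skipped branch instruction) are all assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical verdict codes: GRANT and DENY differ in 31 bits, unlike 1/0. */
enum { GRANT = 0x3CA5965A, DENY = 0x435A69A5, FAULT = 0x5AA5A55A };
/* Constructed sample PINs, not from any real device. */
static const uint8_t REF_PIN[4] = {1, 2, 3, 4}, WRONG_PIN[4] = {1, 2, 3, 5};

/* Constructed fault model: the fault_at-th security branch evaluated is
   inverted, the effect of skipping its conditional branch instruction. */
static int fault_at = -1, branch_no;
static int branch(int cond) { return (branch_no++ == fault_at) ? !cond : cond; }

/* Constant-time difference: 0 only when all n bytes match. */
static uint32_t diff(const volatile uint8_t *a, const volatile uint8_t *b, size_t n)
{
    uint32_t d = 0;
    for (size_t i = 0; i < n; i++) d |= (uint32_t)(a[i] ^ b[i]);
    return d;
}

/* Unprotected check: a single branch decides the outcome. */
uint32_t verify_naive(const uint8_t *in, size_t n)
{
    return branch(diff(in, REF_PIN, n) == 0) ? GRANT : DENY;
}

/* Hardened check: redundant compare, doubled decision, step-count canary. */
uint32_t verify_hardened(const uint8_t *in, size_t n)
{
    volatile uint32_t steps = 0, verdict = DENY;   /* fail closed */
    volatile uint32_t d1 = diff(in, REF_PIN, n);
    volatile uint32_t d2 = diff(REF_PIN, in, n);   /* redundancy in time */
    if (branch(d1 != d2)) return FAULT;            /* the two runs disagree */
    if (branch(d1 == 0)) {
        steps++;
        if (branch(d2 == 0)) { steps++; verdict = GRANT; }
    }
    if (branch(verdict == GRANT && steps != 2)) return FAULT;  /* canary */
    return verdict;
}

/* Run check f on `in` with one simulated fault at branch index at (-1: none). */
uint32_t run(uint32_t (*f)(const uint8_t *, size_t), const uint8_t *in, int at)
{
    fault_at = at; branch_no = 0;
    return f(in, sizeof REF_PIN);
}
```

With the wrong PIN, `run(verify_naive, WRONG_PIN, 0)` returns GRANT, while `verify_hardened` returns DENY or FAULT for every single-fault position. On real firmware a compiler can merge the redundant checks, so the generated assembly needs to be inspected as well.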
Examples (1)
A smart card contains authentication credentials that are used as authorization to enter a building. The credentials are only accessible when a correct PIN is presented to the card.
Bad · Other
The card emits the credentials when a voltage anomaly is injected into the power line to the device at a particular time after providing an incorrect PIN to the card, causing the internal program to accept the incorrect PIN.
Good · Other
add an internal filter or internal power supply in series with the power supply pin on the device
add sensing circuitry to reset the device if out of tolerance conditions are detected
add additional execution sensing circuits to monitor the execution order for anomalies and abort the action or reset the device under fault conditions
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-20060 | MediaTek chip security vulnerability: MT6580, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT6989, MT8188, MT8370, MT8390 | 6.7 (AI) | Medium (AI) | 2024-05-06 |
| CVE-2024-20059 | MediaTek chip security vulnerability: MT6580, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT6989, MT8188, MT8370, MT8390 | 6.7 (AI) | Medium (AI) | 2024-05-06 |

2 CVEs are classified as CWE-1332. The CWE taxonomy describes the weakness; review the individual CVEs for product-specific impact.