CWE-1334 – Unauthorized Error Injection Can Degrade Hardware Redundancy
Description An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating...
CWE-1333 – Inefficient Regular Expression Complexity
Description The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. Some regular expression engines have...
CWE-1332 – Improper Handling of Faults that Lead to Instruction Skips
Description The device is missing or incorrectly implements circuitry or sensors that detect and mitigate the skipping of security-critical CPU instructions when they occur. Modes...
CWE-1331 – Improper Isolation of Shared Resources in Network On Chip (NoC)
Description The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and...
CWE-1330 – Remanent Data Readable after Memory Erase
Description Confidential information stored in memory circuits is readable or recoverable after being cleared or erased. Modes of Introduction: - Architecture and Design ...
CWE-1329 – Reliance on Component That is Not Updateable
Description The product contains a component that cannot be updated or patched in order to remove vulnerabilities or significant bugs. Modes of Introduction: - Requirements...
CWE-1328 – Security Version Number Mutable to Older Versions
Description Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions. Modes of Introduction: -...
CWE-1327 – Binding to an Unrestricted IP Address
Description The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely. Modes of Introduction: -...
CWE-1326 – Missing Immutable Root of Trust in Hardware
Description A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code....
CWE-1325 – Improperly Controlled Sequential Memory Allocation
Description The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit...