CWE-1324 – Sensitive Information Accessible by Physical Probing of JTAG Interface
Description Sensitive information in clear text on the JTAG interface may be examined by an eavesdropper, e.g. by placing a probe device on the interface...
CWE-1323 – Improper Management of Sensitive Trace Data
Description Trace data collected from several sources on the System-on-Chip (SoC) is stored in unprotected locations or transported to untrusted agents. Modes of Introduction: -...
CWE-1322 – Use of Blocking Code in Single-threaded, Non-blocking Context
Description The product uses a non-blocking model that relies on a single threaded process for features such as scalability, but it contains code that can...
CWE-1321 – Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’)
Description The software receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does...
CWE-1320 – Improper Protection for Out of Bounds Signal Level Alerts
Description Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts. Modes of Introduction: - Architecture and...
CWE-132 – DEPRECATED: Miscalculated Null Termination
Description This entry has been deprecated because it was a duplicate of CWE-170. All content has been transferred to CWE-170. Modes of Introduction: ...
CWE-1319 – Improper Protection against Electromagnetic Fault Injection (EM-FI)
Description The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed. Modes of...
CWE-1318 – Missing Support for Security Features in On-chip Fabrics or Buses
Description On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control....
CWE-1317 – Missing Security Checks in Fabric Bridge
Description A bridge that is connected to a fabric without security features forwards transactions to the slave without checking the privilege level of the master....
CWE-1316 – Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
Description The address map of the on-chip fabric has protected and unprotected regions overlapping, allowing an attacker to bypass access control to the overlapping portion...