Description
The product does not properly detect and handle extreme conditions in the product’s physical environment, such as temperature, radiation, humidity, power, or other physical phenomena.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
CWE-703
Consequences
Confidentiality, Integrity, Availability: Varies by Context, Unexpected State
Consequences of this weakness are highly dependent on the role of affected components within the larger product.
Potential Mitigations
Phase: Requirements
Description:
In requirements, be specific about expectations for how the product will perform when it exceeds high environmental conditions, e.g., by shutting down.
Phase: Architecture and Design, Implementation
Description:
Where possible, include independent components that can detect excess environmental conditions and have the capability to shut down the product.
Phase: Architecture and Design, Implementation
Description:
Where possible, use shielding or other materials that can increase the adversary’s workload and reduce the likelihood of being able to successfully trigger a security-related failure.
CVE References
