All posts by rocco

Vulnerabilities of the TLS Protocol

Read Time:2 Minute, 6 Second

Secure Socket Layer (SSL) and its successor, Transport Layer Security (TLS), are widely used protocols for secure online communication. They provide encryption and authentication between two applications over a network, ensuring the confidentiality and integrity of data transmitted between them.

However, SSL/TLS is not invulnerable, and over the years, several vulnerabilities have been discovered that can compromise the security of online transactions. One of the most significant vulnerabilities is the POODLE attack, discovered in 2014, which affects the older versions of SSL/TLS. This vulnerability allows an attacker to exploit the way SSL/TLS handles padding in the encryption process, enabling them to read encrypted information, including sensitive information such as passwords and credit card numbers.

Another vulnerability is the BEAST attack, which exploits a vulnerability in the way SSL/TLS handles block ciphers in older versions of the protocol. This attack allows an attacker to intercept and decrypt secure HTTPS cookies, potentially giving them access to sensitive data.

A third vulnerability is known as the DROWN attack, which can exploit weak encryption protocols such as SSLv2. The attack allows an attacker to read encrypted data transmitted over an SSL/TLS connection by exploiting a flaw in the SSLv2 protocol. Even though SSLv2 is now considered obsolete and no longer used, some older systems may still have it enabled, leaving them vulnerable to attack.

To ensure the maximum security of your online transactions, it’s essential to be aware of the potential vulnerabilities of SSL/TLS and to take necessary precautions. To start with, it’s recommended to use the latest version of TLS, which is currently TLS 1.3, and to disable support for older, insecure protocols like SSLv2 and SSLv3.

It’s also important to use strong encryption ciphers and to regularly test your TLS configuration for potential vulnerabilities. This can be done using tools like SSL Labs’ SSL Server Test, which can check the strength of your TLS configuration and identify any potential vulnerabilities.

Another crucial step is to regularly update your TLS certificates, which verify the identity of the server you’re communicating with and ensure that your data is not intercepted by an attacker. TLS certificates have an expiration date, so it’s essential to keep them up to date to ensure maximum security.

Finally, consider using other security measures like firewalls, antivirus software, and two-factor authentication to provide an additional layer of protection.

By taking these necessary precautions, you can significantly reduce the risk of SSL/TLS vulnerabilities and ensure the maximum security of your online transactions.

CWE

Read Time:1 Minute, 11 Second

CWE (Common Weakness Enumeration) is a list of common types of hardware and software defects that have security implications. The CWE list can be used as a framework to describe and communicate such vulnerabilities in terms of CWEs.

The goal is to support all those methods (including automatic ones) to control and prevent software errors. It can be used at the development stage, during the Code Review activity, and later on during the penetration test activity to classify and communicate the vulnerability type to developers. The system is at version 4.7 and contains over 600 categories of weaknesses and vulnerabilities

The CWE Top 25 Most Dangerous Software Weakness List is a list of the most common programming errors that can lead to software vulnerabilities. Vulnerabilities present in the CWE Top 25 are usually easy to detect and exploit. For example, the CWE-79 is related to Cross-Site Scripting while the CWE-89 to SQL Injection. A similar project is Top Ten Owasp (Open Web Application Security Project). Compared to the CWE Top 25, the Top Ten OWASP focuses solely on vulnerabilities of web applications.
The CWE Most Important Hardware Weakness List serves the same purpose, but it focuses on hardware defects.

Please check our post about Vulnerability Analysis to learn more about CWE usage.

Please find a list of all the CWE below or use the search box above to find a specific CWE.

  • CWE-198 – Use of Incorrect Byte Ordering

    Description The software receives input from an upstream component, but it does not account for byte ordering (e.g. big-endian and little-endian) when processing the input, causing an incorrect number or value to be used. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-188   Consequences Integrity: Unexpected State   Potential Mitigations CVE…

  • CWE-20 – Improper Input Validation

    Description The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Modes of Introduction: – Architecture and Design   Likelihood of Exploit: High   Related Weaknesses CWE-707 CWE-345 CWE-22 CWE-41 CWE-74 CWE-119 CWE-770   Consequences…

  • CWE-157 – Failure to Sanitize Paired Delimiters

    Description The software does not properly handle the characters that are used to mark the beginning and ending of a group of entities, such as parentheses, brackets, and braces. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description:  Developers should anticipate that grouping elements…

  • CWE-158 – Improper Neutralization of Null Byte or NUL Character

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component. As data is parsed, an injected NUL character or null byte may cause the software to believe the input is terminated earlier than it actually…

  • CWE-159 – Improper Handling of Invalid Use of Special Elements

    Description The product does not properly filter, remove, quote, or otherwise manage the invalid use of special elements in user-controlled input, which could cause adverse effect on its behavior and integrity. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description:  Developers should anticipate that…

  • CWE-160 – Improper Neutralization of Leading Special Elements

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes leading special elements that could be interpreted in unexpected ways when they are sent to a downstream component. As data is parsed, improperly handled leading special elements may cause the process to take unexpected actions that result in…

  • CWE-161 – Improper Neutralization of Multiple Leading Special Elements

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes multiple leading special elements that could be interpreted in unexpected ways when they are sent to a downstream component. As data is parsed, improperly handled multiple leading special elements may cause the process to take unexpected actions that…

  • CWE-162 – Improper Neutralization of Trailing Special Elements

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes trailing special elements that could be interpreted in unexpected ways when they are sent to a downstream component. As data is parsed, improperly handled trailing special elements may cause the process to take unexpected actions that result in…

  • CWE-163 – Improper Neutralization of Multiple Trailing Special Elements

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes multiple trailing special elements that could be interpreted in unexpected ways when they are sent to a downstream component. As data is parsed, improperly handled multiple trailing special elements may cause the process to take unexpected actions that…

  • CWE-164 – Improper Neutralization of Internal Special Elements

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes internal special elements that could be interpreted in unexpected ways when they are sent to a downstream component. As data is parsed, improperly handled internal special elements may cause the process to take unexpected actions that result in…

  • CWE-165 – Improper Neutralization of Multiple Internal Special Elements

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes multiple internal special elements that could be interpreted in unexpected ways when they are sent to a downstream component. As data is parsed, improperly handled multiple internal special elements may cause the process to take unexpected actions that…

  • CWE-166 – Improper Handling of Missing Special Element

    Description The software receives input from an upstream component, but it does not handle or incorrectly handles when an expected special element is missing. Modes of Introduction: – Implementation     Related Weaknesses CWE-159 CWE-703   Consequences Availability: DoS: Crash, Exit, or Restart   Potential Mitigations Phase: Description:  Developers should anticipate that special elements will…

  • CWE-167 – Improper Handling of Additional Special Element

    Description The software receives input from an upstream component, but it does not handle or incorrectly handles when an additional unexpected special element is provided. Modes of Introduction: – Implementation     Related Weaknesses CWE-159 CWE-703   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description:  Developers should anticipate that extra special elements will be…

  • CWE-168 – Improper Handling of Inconsistent Special Elements

    Description The software does not properly handle input in which an inconsistency exists between two or more special characters or reserved words. An example of this problem would be if paired characters appear in the wrong order, or if the special characters are not properly nested. Modes of Introduction: – Implementation     Related Weaknesses…

  • CWE-170 – Improper Null Termination

    Description The software does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator. Null termination errors frequently occur in two different ways. An off-by-one error could cause a null to be written out of bounds, leading to an overflow. Or, a program could use a strncpy() function call…

  • CWE-172 – Encoding Error

    Description The software does not properly encode or decode the data, resulting in unexpected values. Modes of Introduction: – Implementation     Related Weaknesses CWE-707 CWE-22 CWE-41   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Implementation Description:  Phase: Implementation Description:  While it is risky to use dynamically-generated query strings, code, or commands that mix…

  • CWE-173 – Improper Handling of Alternate Encoding

    Description The software does not properly handle when an input uses an alternate encoding that is valid for the control sphere to which the input is being sent. Modes of Introduction: – Implementation     Related Weaknesses CWE-172 CWE-289   Consequences Access Control: Bypass Protection Mechanism   Potential Mitigations Phase: Architecture and Design Description:  Avoid…

  • CWE-174 – Double Decoding of the Same Data

    Description The software decodes the same input twice, which can limit the effectiveness of any protection mechanism that occurs in between the decoding operations. Modes of Introduction: – Implementation     Related Weaknesses CWE-172 CWE-675   Consequences Access Control, Confidentiality, Availability, Integrity, Other: Bypass Protection Mechanism, Execute Unauthorized Code or Commands, Varies by Context  …

  • CWE-175 – Improper Handling of Mixed Encoding

    Description The software does not properly handle when the same input uses several different (mixed) encodings. Modes of Introduction: – Implementation     Related Weaknesses CWE-172   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Architecture and Design Description:  Avoid making decisions based on names of resources (e.g. files) if those resources can have alternate…

  • CWE-176 – Improper Handling of Unicode Encoding

    Description The software does not properly handle when an input contains Unicode encoding. Modes of Introduction: – Implementation     Related Weaknesses CWE-172   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Architecture and Design Description:  Avoid making decisions based on names of resources (e.g. files) if those resources can have alternate names. Phase: Implementation…

  • CWE-177 – Improper Handling of URL Encoding (Hex Encoding)

    Description The software does not properly handle when all or part of an input has been URL encoded. Modes of Introduction: – Implementation     Related Weaknesses CWE-172   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Architecture and Design Description:  Avoid making decisions based on names of resources (e.g. files) if those resources can…

  • CWE-178 – Improper Handling of Case Sensitivity

    Description The software does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results. Modes of Introduction: – Implementation     Related Weaknesses CWE-706 CWE-706 CWE-433 CWE-289   Consequences Access Control: Bypass Protection Mechanism   Potential Mitigations Phase: Architecture and Design Description:  Avoid making…

  • CWE-1385 – Missing Origin Validation in WebSockets

    Description The software uses a WebSocket, but it does not properly verify that the source of data or communication is valid. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-346   Consequences Confidentiality, Integrity, Availability, Non-Repudiation, Access Control: Varies by Context, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Read Application Data,…

  • CWE-14 – Compiler Removal of Code to Clear Buffers

    Description Sensitive memory is cleared according to the source code, but compiler optimizations leave the memory untouched when it is not read from again, aka “dead store removal.” Modes of Introduction: – Implementation     Related Weaknesses CWE-733   Consequences Confidentiality, Access Control: Read Memory, Bypass Protection Mechanism This weakness will allow data that has…

  • CWE-140 – Improper Neutralization of Delimiters

    Description The software does not neutralize or incorrectly neutralizes delimiters. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Implementation Description:  Developers should anticipate that delimiters will be injected/removed/manipulated in the input vectors of their software system. Use an appropriate combination of denylists and allowlists…

  • CWE-141 – Improper Neutralization of Parameter/Argument Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions. Modes of Introduction: –…

  • CWE-142 – Improper Neutralization of Value Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as value delimiters when they are sent to a downstream component. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions. Modes of Introduction: – Implementation  …

  • CWE-143 – Improper Neutralization of Record Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as record delimiters when they are sent to a downstream component. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions. Modes of Introduction: – Implementation  …

  • CWE-144 – Improper Neutralization of Line Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as line delimiters when they are sent to a downstream component. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions. Modes of Introduction: – Implementation  …

  • CWE-145 – Improper Neutralization of Section Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as section delimiters when they are sent to a downstream component. Modes of Introduction: – Implementation     Related Weaknesses CWE-140 CWE-93   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description: …

  • CWE-146 – Improper Neutralization of Expression/Command Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as expression or command delimiters when they are sent to a downstream component. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions. Modes of Introduction: –…

  • CWE-147 – Improper Neutralization of Input Terminators

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as input terminators when they are sent to a downstream component. For example, a “.” in SMTP signifies the end of mail message data, whereas a null character can be used for…

  • CWE-148 – Improper Neutralization of Input Leaders

    Description The application does not properly handle when a leading character or sequence (“leader”) is missing or malformed, or if multiple leaders are used when only one should be allowed. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description:  Developers should anticipate that leading…

  • CWE-149 – Improper Neutralization of Quoting Syntax

    Description Quotes injected into an application can be used to compromise a system. As data are parsed, an injected/absent/duplicate/malformed use of quotes may cause the process to take unexpected actions. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description:  Developers should anticipate that quotes…

  • CWE-15 – External Control of System or Configuration Setting

    Description One or more system settings or configuration elements can be externally controlled by a user. Allowing external control of system settings can disrupt service or cause an application to behave in unexpected, and potentially malicious ways. Modes of Introduction: – Implementation     Related Weaknesses CWE-642 CWE-610 CWE-20   Consequences Other: Varies by Context…

  • CWE-150 – Improper Neutralization of Escape, Meta, or Control Sequences

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as escape, meta, or control character sequences when they are sent to a downstream component. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions. Modes of…

  • CWE-151 – Improper Neutralization of Comment Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as comment delimiters when they are sent to a downstream component. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description:  Developers…

  • CWE-152 – Improper Neutralization of Macro Symbols

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as macro symbols when they are sent to a downstream component. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Implementation Description: …

  • CWE-153 – Improper Neutralization of Substitution Characters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as substitution characters when they are sent to a downstream component. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State   Potential Mitigations Phase: Description:  Developers…

  • CWE-154 – Improper Neutralization of Variable Name Delimiters

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as variable name delimiters when they are sent to a downstream component. As data is parsed, an injected delimiter may cause the process to take unexpected actions that result in an attack.…

  • CWE-155 – Improper Neutralization of Wildcards or Matching Symbols

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as wildcards or matching symbols when they are sent to a downstream component. As data is parsed, an injected element may cause the process to take unexpected actions. Modes of Introduction: –…

  • CWE-156 – Improper Neutralization of Whitespace

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as whitespace when they are sent to a downstream component. This can include space, tab, etc. Modes of Introduction: – Implementation     Related Weaknesses CWE-138   Consequences Integrity: Unexpected State  …

  • CWE-1327 – Binding to an Unrestricted IP Address

    Description The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely. Modes of Introduction: – System Configuration     Related Weaknesses CWE-668   Consequences Availability: DoS: Amplification   Potential Mitigations Phase: System Configuration Effectiveness: High Description:  Assign IP addresses that are not 0.0.0.0. Phase: System…

  • CWE-1328 – Security Version Number Mutable to Older Versions

    Description Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-285 CWE-757   Consequences Confidentiality, Integrity, Authentication, Authorization: Other Impact includes roll-back or downgrade to a vulnerable version of the firmware or DoS…

  • CWE-1329 – Reliance on Component That is Not Updateable

    Description The product contains a component that cannot be updated or patched in order to remove vulnerabilities or significant bugs. Modes of Introduction: – Requirements     Related Weaknesses CWE-1357 CWE-664   Consequences Confidentiality, Integrity, Access Control, Authentication, Authorization, Other: Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code or Commands, DoS: Crash,…

  • CWE-1330 – Remanent Data Readable after Memory Erase

    Description Confidential information stored in memory circuits is readable or recoverable after being cleared or erased. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-1301 CWE-1301   Consequences Confidentiality: Modify Memory, Read Memory Confidential data are readable to untrusted agent.   Potential Mitigations Phase: Architecture and Design Description:  CVE References CVE-2019-8575 Firmware…

  • CWE-1331 – Improper Isolation of Shared Resources in Network On Chip (NoC)

    Description The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating timing channels. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-653 CWE-668 CWE-1189   Consequences Confidentiality, Availability: DoS: Resource Consumption (Other), Varies by Context,…

  • CWE-1332 – Improper Handling of Faults that Lead to Instruction Skips

    Description The device is missing or incorrectly implements circuitry or sensors that detect and mitigate the skipping of security-critical CPU instructions when they occur. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-1384 CWE-1247   Consequences Confidentiality, Integrity, Authentication: Bypass Protection Mechanism, Alter Execution Logic, Unexpected State Depending on the context, instruction…

  • CWE-1333 – Inefficient Regular Expression Complexity

    Description The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. Some regular expression engines have a feature called “backtracking”. If the token cannot match, the engine “backtracks” to a position that may result in a different token that can match. Backtracking becomes a weakness if…

  • CWE-1334 – Unauthorized Error Injection Can Degrade Hardware Redundancy

    Description An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284   Consequences Integrity, Availability: DoS: Crash, Exit, or Restart, DoS: Instability, Quality Degradation, DoS: Resource Consumption (CPU),…

  • CWE-1335 – Incorrect Bitwise Shift of Integer

    Description An integer value is specified to be shifted by a negative amount or an amount greater than or equal to the number of bits contained in the value causing an unexpected or indeterminate result. Modes of Introduction: – Implementation     Related Weaknesses CWE-682   Consequences Integrity: DoS: Crash, Exit, or Restart   Potential…

  • CWE-1336 – Improper Neutralization of Special Elements Used in a Template Engine

    Description The product uses a template engine to insert or process externally-influenced input, but it does not neutralize or incorrectly neutralizes special elements or syntax that can be interpreted as template expressions or other code directives when processed by the engine. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-94   Consequences…

  • CWE-1338 – Improper Protections Against Hardware Overheating

    Description A hardware device is missing or has inadequate protection features to prevent overheating. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-693   Consequences Availability: DoS: Resource Consumption (Other)   Potential Mitigations Phase: Architecture and Design Description:  Temperature maximum and minimum limits should be enforced using thermal sensors both in silicon…

  • CWE-1339 – Insufficient Precision or Accuracy of a Real Number

    Description The program processes a real number with an implementation in which the number’s representation does not preserve required accuracy and precision in its fractional part, causing an incorrect result. There are three major ways to store real numbers in computers. Each method is described along with the limitations of how they store their numbers.…

  • CWE-134 – Use of Externally-Controlled Format String

    Description The software uses a function that accepts a format string as an argument, but the format string originates from an external source. Modes of Introduction: – Implementation   Likelihood of Exploit: High   Related Weaknesses CWE-668 CWE-668 CWE-123 CWE-20   Consequences Confidentiality: Read Memory Format string problems allow for information disclosure which can severely…

  • CWE-1341 – Multiple Releases of Same Resource or Handle

    Description The product attempts to close or release a resource or handle more than once, without any successful open between the close operations. Modes of Introduction: – Implementation     Related Weaknesses CWE-675 CWE-672   Consequences Availability, Integrity: DoS: Crash, Exit, or Restart   Potential Mitigations Phase: Implementation Description:  Change the code’s logic so that…

  • CWE-1342 – Information Exposure through Microarchitectural State after Transient Execution

    Description The processor does not properly clear microarchitectural state after incorrect microcode assists or speculative execution, resulting in transient execution. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-226 CWE-226   Consequences Confidentiality, Integrity: Modify Memory, Read Memory, Execute Unauthorized Code or Commands   Potential Mitigations Phase: Architecture and Design, Requirements Effectiveness:…

  • CWE-135 – Incorrect Calculation of Multi-Byte String Length

    Description The software does not correctly calculate the length of strings that can contain wide or multi-byte characters. Modes of Introduction: – Implementation     Related Weaknesses CWE-682   Consequences Integrity, Confidentiality, Availability: Execute Unauthorized Code or Commands This weakness may lead to a buffer overflow. Buffer overflows often can be used to execute arbitrary…

  • CWE-1351 – Improper Handling of Hardware Behavior in Exceptionally Cold Environments

    Description A hardware device, or the firmware running on it, is missing or has incorrect protection features to maintain goals of security primitives when the device is cooled below standard operating temperatures. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-1384   Consequences Integrity, Authentication: Varies by Context, Unexpected State Consequences of…

  • CWE-1357 – Reliance on Uncontrolled Component

    Description The product’s design or architecture is built from multiple separate components, but one or more components are not under complete control of the developer, such as a third-party software library or a physical component that is built by an original equipment manufacturer (OEM). Modes of Introduction: – Requirements     Related Weaknesses CWE-710  …

  • CWE-138 – Improper Neutralization of Special Elements

    Description The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as control elements or syntactic markers when they are sent to a downstream component. Most languages and protocols have their own special elements such as characters and reserved words. These special elements…

  • CWE-1384 – Improper Handling of Extreme Physical Environment Conditions

    Description The product does not properly detect and handle extreme conditions in the product’s physical environment, such as temperature, radiation, humidity, power, or other physical phenomena. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-703   Consequences Confidentiality, Integrity, Availability: Varies by Context, Unexpected State Consequences of this weakness are highly dependent…

  • CWE-1304 – Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation

    Description The product performs a power save/restore operation, but it does not ensure that the integrity of the configuration state is maintained and/or verified between the beginning and ending of the operation. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284 CWE-345 CWE-1271   Consequences Confidentiality, Integrity: DoS: Instability, DoS: Crash, Exit,…

  • CWE-131 – Incorrect Calculation of Buffer Size

    Description The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow. Modes of Introduction: – Implementation   Likelihood of Exploit: High   Related Weaknesses CWE-682 CWE-682 CWE-682 CWE-682 CWE-119   Consequences Integrity, Availability, Confidentiality: DoS: Crash, Exit, or Restart, Execute Unauthorized Code or…

  • CWE-1310 – Missing Ability to Patch ROM Code

    Description Missing an ability to patch ROM code may leave a System or System-on-Chip (SoC) in a vulnerable state. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-1329   Consequences Other: Varies by Context, Reduce Maintainability When the system is unable to be patched, it can be left in a vulnerable state.…

  • CWE-1311 – Improper Translation of Security Attributes by Fabric Bridge

    Description The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284   Consequences Confidentiality, Integrity, Access Control: Modify Memory, Read Memory, Gain Privileges or Assume Identity, Bypass Protection Mechanism,…

  • CWE-1312 – Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

    Description The firewall in an on-chip fabric protects the main addressed region, but it does not protect any mirrored memory or memory-mapped-IO (MMIO) regions. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284 CWE-1251   Consequences Confidentiality, Integrity, Access Control: Modify Memory, Read Memory, Bypass Protection Mechanism   Potential Mitigations Phase: Architecture…

  • CWE-1313 – Hardware Allows Activation of Test or Debug Logic at Runtime

    Description During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This feature can alter the intended behavior of the system and allow for alteration and leakage of sensitive data by an adversary. Modes of Introduction: – Architecture and Design    …

  • CWE-1314 – Missing Write Protection for Parametric Data Values

    Description The device does not write-protect the parametric data values for sensors that scale the sensor value, allowing untrusted software to manipulate the apparent result and potentially damage hardware or cause operational failure. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-862 CWE-1299   Consequences Availability: Quality Degradation, DoS: Resource Consumption (Other)…

  • CWE-1315 – Improper Setting of Bus Controlling Capability in Fabric End-point

    Description The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284   Consequences Access Control: Modify Memory, Read Memory, Bypass Protection Mechanism   Potential Mitigations Phase: Architecture and Design Description:  For responder devices, the…

  • CWE-1316 – Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges

    Description The address map of the on-chip fabric has protected and unprotected regions overlapping, allowing an attacker to bypass access control to the overlapping portion of the protected region. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284   Consequences Confidentiality, Integrity, Access Control, Authorization: Bypass Protection Mechanism, Read Memory, Modify Memory…

  • CWE-1317 – Missing Security Checks in Fabric Bridge

    Description A bridge that is connected to a fabric without security features forwards transactions to the slave without checking the privilege level of the master. Similarly, it does not check the hardware identity of the transaction received from the slave interface of the bridge. Modes of Introduction: – Architecture and Design     Related Weaknesses…

  • CWE-1318 – Missing Support for Security Features in On-chip Fabrics or Buses

    Description On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-693   Consequences Confidentiality, Integrity, Access Control, Availability: DoS: Crash, Exit, or Restart, Read Memory, Modify Memory   Potential…

  • CWE-1319 – Improper Protection against Electromagnetic Fault Injection (EM-FI)

    Description The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-693   Consequences Confidentiality, Integrity, Access Control, Availability: Modify Memory, Read Memory, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute…

  • CWE-132 – DEPRECATED: Miscalculated Null Termination

    Description This entry has been deprecated because it was a duplicate of CWE-170. All content has been transferred to CWE-170. Modes of Introduction:     Related Weaknesses   Consequences   Potential Mitigations CVE References

  • CWE-1320 – Improper Protection for Out of Bounds Signal Level Alerts

    Description Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284   Consequences Availability: DoS: Instability, DoS: Crash, Exit, or Restart, Reduce Reliability, Unexpected State   Potential Mitigations Phase: Architecture and Design Description:  Alert signals…

  • CWE-1321 – Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’)

    Description The software receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-915 CWE-913 CWE-471   Consequences Integrity: Modify Application Data…

  • CWE-1322 – Use of Blocking Code in Single-threaded, Non-blocking Context

    Description The product uses a non-blocking model that relies on a single threaded process for features such as scalability, but it contains code that can block when it is invoked. Modes of Introduction: – Implementation     Related Weaknesses CWE-834 CWE-835   Consequences Availability: DoS: Resource Consumption (CPU) An unexpected call to blocking code can…

  • CWE-1323 – Improper Management of Sensitive Trace Data

    Description Trace data collected from several sources on the System-on-Chip (SoC) is stored in unprotected locations or transported to untrusted agents. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284   Consequences Confidentiality: Read Memory An adversary can read secret values if they are captured in debug traces and stored unsafely.  …

  • CWE-1324 – Sensitive Information Accessible by Physical Probing of JTAG Interface

    Description Sensitive information in clear text on the JTAG interface may be examined by an eavesdropper, e.g. by placing a probe device on the interface such as a logic analyzer, or a corresponding software technique. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-300   Consequences Confidentiality: Read Memory, Read Files or…

  • CWE-1325 – Improperly Controlled Sequential Memory Allocation

    Description The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit the total amount of memory that is consumed by all of the combined objects. Modes of Introduction: – Implementation     Related Weaknesses CWE-770 CWE-789 CWE-476   Consequences Availability: DoS:…

  • CWE-1326 – Missing Immutable Root of Trust in Hardware

    Description A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-693   Consequences Authentication, Authorization: Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands, Modify Memory   Potential…

  • CWE-1287 – Improper Validation of Specified Type of Input

    Description The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type. Modes of Introduction: – Implementation     Related Weaknesses CWE-20 CWE-843   Consequences Other: Varies by Context   Potential Mitigations Phase: Implementation Effectiveness: High…

  • CWE-1288 – Improper Validation of Consistency within Input

    Description The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or incorrectly validates that the input is actually consistent. Modes of Introduction: – Implementation     Related Weaknesses CWE-20   Consequences Other: Varies by Context   Potential Mitigations Phase: Implementation Effectiveness:…

  • CWE-1289 – Improper Validation of Unsafe Equivalence in Input

    Description The product receives an input value that is used as a resource identifier or other type of reference, but it does not validate or incorrectly validates that the input is equivalent to a potentially-unsafe value. Modes of Introduction: – Implementation     Related Weaknesses CWE-20 CWE-41 CWE-178   Consequences Other: Varies by Context  …

  • CWE-129 – Improper Validation of Array Index

    Description The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array. Modes of Introduction: – Implementation   Likelihood of Exploit: High   Related Weaknesses CWE-1285 CWE-20 CWE-119 CWE-823 CWE-789   Consequences…

  • CWE-1290 – Incorrect Decoding of Security Identifiers

    Description The product implements a decoding mechanism to decode certain bus-transaction signals to security identifiers. If the decoding is implemented incorrectly, then untrusted agents can now gain unauthorized access to the asset. Modes of Introduction: – Implementation     Related Weaknesses CWE-284 CWE-1294   Consequences Confidentiality, Integrity, Availability, Access Control: Modify Memory, Read Memory, DoS:…

  • CWE-1291 – Public Key Re-Use for Signing both Debug and Production Code

    Description The same public key is used for signing both debug and production code. Modes of Introduction: – Implementation     Related Weaknesses CWE-693 CWE-321   Consequences Confidentiality, Integrity, Availability, Access Control, Accountability, Authentication, Authorization, Non-Repudiation, Other: Read Memory, Modify Memory, Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Varies by Context  …

  • CWE-1292 – Incorrect Conversion of Security Identifiers

    Description The product implements a conversion mechanism to map certain bus-transaction signals to security identifiers. However, if the conversion is incorrectly implemented, untrusted agents can gain unauthorized access to the asset. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284 CWE-1294   Consequences Confidentiality, Integrity, Availability, Access Control: Modify Memory, Read Memory,…

  • CWE-1293 – Missing Source Correlation of Multiple Independent Data

    Description The software relies on one source of data, preventing the ability to detect if an adversary has compromised a data source. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-345 CWE-654   Consequences Confidentiality, Integrity: Read Application Data, Modify Application Data, Gain Privileges or Assume Identity An attacker that may be…

  • CWE-1294 – Insecure Security Identifier Mechanism

    Description The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-284   Consequences Confidentiality, Integrity, Availability, Access Control: Modify Memory, Read Memory,…

  • CWE-1295 – Debug Messages Revealing Unnecessary Information

    Description The product fails to adequately prevent the revealing of unnecessary and potentially sensitive system information within debugging messages. Modes of Introduction: – Implementation     Related Weaknesses CWE-200 CWE-209   Consequences Confidentiality, Integrity, Availability, Access Control, Accountability, Authentication, Authorization, Non-Repudiation: Read Memory, Bypass Protection Mechanism, Gain Privileges or Assume Identity, Varies by Context  …

  • CWE-1296 – Incorrect Chaining or Granularity of Debug Components

    Description The product’s debug components contain incorrect chaining or granularity of debug components. Modes of Introduction: – Implementation     Related Weaknesses CWE-284   Consequences Confidentiality, Integrity, Access Control, Authentication, Authorization, Availability, Accountability: Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code or Commands, Modify Memory, Modify Files or Directories Depending on the…

  • CWE-1297 – Unprotected Confidential Information on Device is Accessible by OSAT Vendors

    Description The product does not adequately protect confidential information on the device from being accessed by Outsourced Semiconductor Assembly and Test (OSAT) vendors. Modes of Introduction: – Implementation     Related Weaknesses CWE-285   Consequences Confidentiality, Integrity, Access Control, Authentication, Authorization, Availability, Accountability, Non-Repudiation: Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code…

  • CWE-1298 – Hardware Logic Contains Race Conditions

    Description A race condition in the hardware logic results in undermining security guarantees of the system. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-362   Consequences Access Control: Bypass Protection Mechanism, Gain Privileges or Assume Identity, Alter Execution Logic   Potential Mitigations Phase: Architecture and Design Description:  Adopting design practices that…

  • CWE-1299 – Missing Protection Mechanism for Alternate Hardware Interface

    Description The lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external facing unguarded interfaces) allows an attacker to bypass existing protections to the asset that are only performed against the primary path. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-1191 CWE-420 CWE-288…

  • CWE-13 – ASP.NET Misconfiguration: Password in Configuration File

    Description Storing a plaintext password in a configuration file allows anyone who can read the file access to the password-protected resource making them an easy target for attackers. Modes of Introduction: – Architecture and Design     Related Weaknesses CWE-260   Consequences Access Control: Gain Privileges or Assume Identity   Potential Mitigations Phase: Implementation Description: …

  • CWE-130 – Improper Handling of Length Parameter Inconsistency

    Description The software parses a formatted message or structure, but it does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data. If an attacker can manipulate the length parameter associated with an input such that it is inconsistent with the actual length of the input,…

  • CWE-1300 – Improper Protection of Physical Side Channels

    Description The device does not contain sufficient protection mechanisms to prevent physical side channels from exposing sensitive information due to patterns in physically observable phenomena such as variations in power consumption, electromagnetic emissions (EME), or acoustic emissions. Modes of Introduction: – Implementation     Related Weaknesses CWE-203 CWE-203   Consequences Confidentiality: Read Memory, Read Application…

  • CWE-1301 – Insufficient or Incomplete Data Removal within Hardware Component

    Description The product’s data removal process does not completely delete all data and potentially sensitive information within hardware components. Modes of Introduction: – Implementation     Related Weaknesses CWE-226   Consequences Confidentiality: Read Memory, Read Application Data   Potential Mitigations Phase: Architecture and Design Description:  Apply blinding or masking techniques to implementations of cryptographic algorithms.…

CWE-669 – Incorrect Resource Transfer Between Spheres

Read Time:49 Second

Description

The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere, in a manner that provides unintended control over that resource.

A “control sphere” is a set of resources and behaviors that are accessible to a single actor, or a group of actors. A product’s security model will typically define multiple spheres, possibly implicitly. For example, a server might define one sphere for “administrators” who can create new user accounts with subdirectories under /home/server/, and a second sphere might cover the set of users who can create or delete files within their own subdirectories. A third sphere might be “users who are authenticated to the operating system on which the product is installed.” Each sphere has different sets of actors and allowable behaviors.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-664

 

Consequences

Confidentiality, Integrity: Read Application Data, Modify Application Data, Unexpected State

 

Potential Mitigations

CVE References

CWE-67 – Improper Handling of Windows Device Names

Read Time:2 Minute, 22 Second

Description

The software constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a Windows device name such as AUX or CON. This typically leads to denial of service or an information exposure when the application attempts to process the pathname as a regular file.

Not properly handling virtual filenames (e.g. AUX, CON, PRN, COM1, LPT1) can result in different types of vulnerabilities. In some cases an attacker can request a device via injection of a virtual filename in a URL, which may cause an error that leads to a denial of service or an error page that reveals sensitive information. A software system that allows device names to bypass filtering runs the risk of an attacker injecting malicious code in a file with the name of a device.

Historically, there was a bug in the Windows operating system that caused a blue screen of death. Even after that issue was fixed DOS device names continue to be a factor.

Modes of Introduction:

– Architecture and Design

 

Likelihood of Exploit: High

 

Related Weaknesses

CWE-66

 

Consequences

Availability, Confidentiality, Other: DoS: Crash, Exit, or Restart, Read Application Data, Other

 

Potential Mitigations

Phase: Implementation

Description: 

Be familiar with the device names in the operating system where your system is deployed. Check input for these device names.

CVE References

  • CVE-2002-0106
    • Server allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name.
  • CVE-2002-0200
    • Server allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name.
  • CVE-2002-1052
    • Product allows remote attackers to use MS-DOS device names in HTTP requests to cause a denial of service or obtain the physical path of the server.
  • CVE-2001-0493
    • Server allows remote attackers to cause a denial of service via a URL that contains an MS-DOS device name.
  • CVE-2001-0558
    • Server allows a remote attacker to create a denial of service via a URL request which includes a MS-DOS device name.
  • CVE-2000-0168
    • Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the “DOS Device in Path Name” vulnerability.
  • CVE-2001-0492
    • Server allows remote attackers to determine the physical path of the server via a URL containing MS-DOS device names.
  • CVE-2004-0552
    • Product does not properly handle files whose names contain reserved MS-DOS device names, which can allow malicious code to bypass detection when it is installed, copied, or executed.
  • CVE-2005-2195
    • Server allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name.

CWE-670 – Always-Incorrect Control Flow Implementation

Read Time:49 Second

Description

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

This weakness captures cases in which a particular code segment is always incorrect with respect to the algorithm that it is implementing. For example, if a C programmer intends to include multiple statements in a single block but does not include the enclosing braces (CWE-483), then the logic is always incorrect. This issue is in contrast to most weaknesses in which the code usually behaves correctly, except when it is externally manipulated in malicious ways.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-691

 

Consequences

Other: Other, Alter Execution Logic

 

Potential Mitigations

CVE References

  • CVE-2021-3011
    • virtual interrupt controller in a virtualization product allows crash of host by writing a certain invalid value to a register, which triggers a fatal error instead of returning an error code

CWE-671 – Lack of Administrator Control over Security

Read Time:39 Second

Description

The product uses security features in a way that prevents the product’s administrator from tailoring security settings to reflect the environment in which the product is being used. This introduces resultant weaknesses or prevents it from operating at a level of security that is desired by the administrator.

If the product’s administrator does not have the ability to manage security-related decisions at all times, then protecting the product from outside threats – including the product’s developer – can become impossible. For example, a hard-coded account name and password cannot be changed by the administrator, thus exposing that product to attacks that the administrator can not prevent.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-657

 

Consequences

Other: Varies by Context

 

Potential Mitigations

CVE References

CWE-672 – Operation on a Resource after Expiration or Release

Read Time:41 Second

Description

The software uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-666

 

Consequences

Integrity, Confidentiality: Modify Application Data, Read Application Data

If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.

Other, Availability: Other, DoS: Crash, Exit, or Restart

When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.

 

Potential Mitigations

CVE References

  • CVE-2009-3547
    • chain: race condition might allow resource to be released before operating on it, leading to NULL dereference

CWE-673 – External Influence of Sphere Definition

Read Time:22 Second

Description

The product does not prevent the definition of control spheres from external actors.

Typically, a product defines its control sphere within the code itself, or through configuration by the product’s administrator. In some cases, an external party can change the definition of the control sphere. This is typically a resultant weakness.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-664

 

Consequences

Other: Other

 

Potential Mitigations

CVE References

CWE-674 – Uncontrolled Recursion

Read Time:1 Minute, 29 Second

Description

The product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-691

 

Consequences

Availability: DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory)

Resources including CPU, memory, and stack memory could be rapidly consumed or exhausted, eventually leading to an exit or crash.

Confidentiality: Read Application Data

In some cases, an application’s interpreter might kill a process or thread that appears to be consuming too much resources, such as with PHP’s memory_limit setting. When the interpreter kills the process/thread, it might report an error containing detailed information such as the application’s installation path.

 

Potential Mitigations

Phase: Implementation

Effectiveness: Moderate

Description: 

Ensure an end condition will be reached under all logic conditions. The end condition may include testing against the depth of recursion and exiting with an error if the recursion goes too deep. The complexity of the end condition contributes to the effectiveness of this action.

Phase: Implementation

Effectiveness: Limited

Description: 

Increase the stack size.

Increasing the stack size might only be a temporary measure, since the stack typically is still not very large, and it might remain easy for attackers to cause an out-of-stack fault.

CVE References

  • CVE-2007-3409
    • Self-referencing pointers create infinite loop and resultant stack exhaustion.
  • CVE-2016-10707
    • Javascript application accidentally changes input in a way that prevents a recursive call from detecting an exit condition.
  • CVE-2016-3627
    • An attempt to recover a corrupted XML file infinite recursion protection counter was not always incremented missing the exit condition.
  • CVE-2019-15118
    • USB-audio driver’s descriptor code parsing allows unlimited recursion leading to stack exhaustion.