Read Time:30 Second
Description
The device does not contain or contains incorrectly implemented circuitry or sensors to detect and mitigate voltage and clock glitches and protect sensitive information or software contained on the device.
Modes of Introduction:
– Operation
Related Weaknesses
Consequences
Confidentiality, Integrity, Availability, Access Control: Gain Privileges or Assume Identity, Bypass Protection Mechanism, Read Memory, Modify Memory, Execute Unauthorized Code or Commands
Potential Mitigations
Phase: Architecture and Design, Implementation
Description:
CVE References
- CVE-2019-17391
- Lack of anti-glitch protections allows an attacker to launch a physical attack to bypass the secure boot and read protected eFuses.