Manufacturing and Life Cycle Management Concerns

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are root-caused to defects that arise in the semiconductor-manufacturing process or during the life cycle and supply chain.

Weaknesses

Device Unlock Credential Sharing

The credentials necessary for unlocking a device are shared across multiple parties and may expose sensitive information.

Improper Scrubbing of Sensitive Data from Decommissioned Device

The product does not properly provide a capability for the product administrator to remove sensitive data at the time the product is decommissioned. A scrubbing capab...

Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques

Information stored in hardware may be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as sca...

Product Released in Non-Release Configuration

The product released to market is released in pre-production or manufacturing configuration.

Semiconductor Defects in Hardware Logic with Security-Sensitive Implications

The security-sensitive hardware module contains semiconductor defects.

Unprotected Confidential Information on Device is Accessible by OSAT Vendors

The product does not adequately protect confidential information on the device from being accessed by Outsourced Semiconductor Assembly and Test (OSAT) vendors.

Concepts

Hardware Design

This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectiv...


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.