Insufficient Protection Against Instruction Skipping Via Fault Injection
The device is missing or incorrectly implements circuitry or sensors to detect and mitigate CPU instruction skips that can be caused by fault injection.
Fault injection is a technique used by adversaries to alter the operating conditions of hardware so that unexpected behavior occurs. Generally, this is accomplished by causing the device to operate outside of its expected conditions or by inducing electrical disturbances in the device. A weakness may arise in systems that do not properly protect against common fault injection techniques targeting the skipping of security-critical instructions.
In practice, application code may contain conditional branches that are security-sensitive (e.g., accepting or rejecting a user-provided password). These conditional branches are typically implemented by a single conditional branch instruction in the program binary which, if skipped through fault injection, may lead to flipping the branch condition, i.e., causing the wrong security-sensitive branch to be taken. This affects processes such as firmware authentication, password verification, and other security-sensitive decision points.
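The single-branch pattern described above, next to a software-hardened form of the same check. This is an added example, not part of the original entry. All function names, status constants and sample bytes are hypothetical and constructed for illustration. Redundant checks of this kind complement the detection circuitry and sensors this entry refers to and do not replace them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed status codes: bitwise complements (Hamming distance 32),
   so a zeroed or bit-flipped result never reads as success. */
#define AUTH_OK   0x3CA5965Au
#define AUTH_FAIL 0xC35A69A5u

/* Constructed sample data for the demonstration. */
static const uint8_t REF[4]  = {0x13, 0x37, 0xC0, 0xDE};
static const uint8_t GOOD[4] = {0x13, 0x37, 0xC0, 0xDE};
static const uint8_t BAD[4]  = {0x13, 0x37, 0xC0, 0xDF};

/* Returns 0 only if all n bytes match and the loop ran all n iterations. */
static uint32_t diff_bytes(const uint8_t *a, const uint8_t *b, size_t n) {
    volatile uint32_t acc = 0;
    volatile size_t done = 0;
    for (size_t i = 0; i < n; i++) {
        acc |= (uint32_t)(a[i] ^ b[i]);
        done++;
    }
    return (done == n) ? acc : 0xFFFFFFFFu; /* truncated loop = mismatch */
}

/* Weak pattern: the whole decision rests on one conditional branch. */
int check_single_branch(const uint8_t *in, const uint8_t *ref, size_t n) {
    if (diff_bytes(in, ref, n) != 0)
        return 0; /* reject; if this branch is skipped, accept may be reached */
    return 1;
}

/* Hardened pattern: fail by default, compare twice, re-test before accept. */
uint32_t check_redundant(const uint8_t *in, const uint8_t *ref, size_t n) {
    volatile uint32_t result = AUTH_FAIL;
    volatile uint32_t d1 = diff_bytes(in, ref, n);
    volatile uint32_t d2 = diff_bytes(ref, in, n); /* independent recompute */
    if (d1 != 0) return AUTH_FAIL;
    if (d2 != 0) return AUTH_FAIL;
    if ((d1 | d2) == 0) result = AUTH_OK;   /* third test guards the write */
    if (result != AUTH_OK) return AUTH_FAIL;
    return ((d1 | d2) == 0) ? AUTH_OK : AUTH_FAIL; /* final re-check */
}

int main(void) {
    printf("single good=%d bad=%d redundant good=%08x bad=%08x\n",
           check_single_branch(GOOD, REF, 4), check_single_branch(BAD, REF, 4),
           (unsigned)check_redundant(GOOD, REF, 4), (unsigned)check_redundant(BAD, REF, 4));
    return 0;
}
```

The volatile qualifiers keep the compiler from merging the repeated comparisons into one branch; inspect the generated assembly to confirm the redundant tests survive optimization on the target toolchain.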
Weaknesses in this category are related to system power, voltage, current, temperature, clocks, system state saving/restoring, and resets at the platform and SoC level.
This view (slice) covers all the elements in CWE.
CWE identifiers in this view are weaknesses that do not have associated Software Fault Patterns (SFPs), as covered by the CWE-888 view. As such, they represent gaps in...
This view (slice) lists weaknesses that can be introduced during implementation.