Improper Handling of Extreme Physical Environment Conditions

The product does not properly detect and handle extreme conditions in the product's physical environment, such as temperature, radiation, humidity, power, or other physical phenomena.


Description

Hardware products are typically only guaranteed to behave correctly within certain environmental limits, such as running between minimum and maximum temperatures. Such products cannot necessarily control the external conditions that they are subjected to. However, the inability to detect and handle such conditions can cause the product to produce security-critical errors, e.g., flipping a bit that is used for an authentication decision. In addition, these physical conditions could be intentionally manipulated by an adversary to directly trigger such errors, although it might be technically difficult to do so.

See Also

ICS Communications: Unreliability

Weaknesses in this category are related to the "Unreliability" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022. No...

Comprehensive CWE Dictionary

This view (slice) covers all the elements in CWE.

Weaknesses without Software Fault Patterns

CWE identifiers in this view are weaknesses that do not have associated Software Fault Patterns (SFPs), as covered by the CWE-888 view. As such, they represent gaps in...

Weaknesses Introduced During Design

This view (slice) lists weaknesses that can be introduced during design.


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.