Category: Core and Compute Issues
Draft
Summary
Weaknesses in this category are typically associated with CPUs, Graphics, Vision, AI, FPGA, and microcontrollers.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1252 | CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations | This vulnerability occurs when a CPU's hardware is not set up to enforce a strict separation between writing data to memory and executing instructions from it. Without this hardware-level protection, attackers can potentially write malicious code into memory and then run it. |
| CWE-1281 | Sequence of Processor Instructions Leads to Unexpected Behavior | Certain sequences of valid and invalid processor instructions can cause the CPU to lock up or behave unpredictably, often requiring a hard reset to recover. |
| CWE-1342 | Information Exposure through Microarchitectural State after Transient Execution | This vulnerability occurs when a CPU fails to completely erase temporary data traces left behind by speculative execution or error recovery processes. These lingering microarchitectural hints can be analyzed through side-channels to leak sensitive information. |
| CWE-1420 | Exposure of Sensitive Information during Transient Execution | Transient execution vulnerabilities occur when a processor speculatively runs operations that don't officially commit, potentially leaking sensitive data through covert side channels like cache timing. |
| CWE-1194 | Hardware Design | This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectives of designers, manufacturers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.