Category: Debug and Test Problems
Draft
Summary
Weaknesses in this category are related to hardware debug and test interfaces such as JTAG and scan chain.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1191 | On-Chip Debug and Test Interface With Improper Access Control | This vulnerability occurs when a hardware chip's debug or test interface (like JTAG) lacks proper access controls. Without correct authorization checks, unauthorized users can read or modify sensitive internal registers and bypass the chip's built-in security protections. |
| CWE-1234 | Hardware Internal or Debug Modes Allow Override of Locks | Hardware debug modes or internal states can bypass critical system lock protections, allowing unauthorized changes to device configuration. |
| CWE-1243 | Sensitive Non-Volatile Information Not Protected During Debug | This vulnerability occurs when security-critical data stored in hardware fuses is left unprotected and accessible during debug modes. |
| CWE-1244 | Internal Asset Exposed to Unsafe Debug Access Level or State | This vulnerability occurs when a system's debug or test interface supports multiple access levels, but an internal asset is incorrectly assigned a permissive debug access level. This mistake allows untrusted debug agents to access sensitive internal assets they should not be able to reach. |
| CWE-1258 | Exposure of Sensitive System Information Due to Uncleared Debug Information | This vulnerability occurs when hardware fails to erase sensitive data like cryptographic keys and intermediate values before entering debug mode, leaving them exposed. |
| CWE-1272 | Sensitive Information Uncleared Before Debug/Power State Transition | This vulnerability occurs when a device changes its power mode or enters a debug state but fails to wipe sensitive data that should become inaccessible after the transition. |
| CWE-1291 | Public Key Re-Use for Signing both Debug and Production Code | This vulnerability occurs when the same cryptographic key is used to sign both development/debug software builds and final production releases. This insecure practice allows debug versions, which often contain powerful diagnostic features, to be validated and run on live production systems. |
| CWE-1295 | Debug Messages Revealing Unnecessary Information | The product's debug messages or logs expose excessive internal system details, potentially revealing sensitive information that could aid an attacker. |
| CWE-1296 | Incorrect Chaining or Granularity of Debug Components | This vulnerability occurs when hardware debug components, such as test ports and scan chains, are incorrectly connected or organized within a chip's design. This misconfiguration can create unintended access paths, potentially exposing sensitive internal data or functions. |
| CWE-1313 | Hardware Allows Activation of Test or Debug Logic at Runtime | This vulnerability occurs when hardware includes test or debug features that remain accessible during normal operation. An attacker can activate these features at runtime to alter the hardware's state, bypass security controls, and potentially leak or manipulate sensitive data. |
| CWE-1323 | Improper Management of Sensitive Trace Data | This vulnerability occurs when sensitive trace data from a System-on-Chip (SoC), such as information from CPUs or cryptographic modules, is stored in unsecured memory or transmitted to unauthorized debuggers, potentially exposing confidential information. |
| CWE-319 | Cleartext Transmission of Sensitive Information | This vulnerability occurs when an application sends sensitive data, such as passwords or personal information, over a network connection without using encryption. Attackers can easily intercept and read this unprotected data as it travels. |
| CWE-1194 | Hardware Design | This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectives of designers, manufacturers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.