logo

Improper Restriction of Power Consumption

Incomplete Base
Structure: Simple
Description

This vulnerability occurs when software running on a power-constrained device, like a battery-powered mobile or embedded system, fails to actively manage and limit its own energy usage.

Extended Description

In mobile or embedded environments, power is a finite resource. Devices often rely on batteries or intermittent power sources that can't be automatically recharged by the software itself. If an application drains power too quickly, it can cause the entire device to shut down prematurely or increase operational costs, directly impacting the user experience and device reliability. While normal operation consumes power, an attacker can exploit this weakness by forcing the application to overuse key hardware components. Common targets for excessive power drain include the display, CPU, disk storage, GPS, audio systems, microphone, and USB interfaces. Developers must implement safeguards to monitor and throttle activity in these areas to prevent unintended energy depletion.
Common Consequences 1
Scope: Availability

Impact: DoS: Resource Consumption (Other)DoS: Crash, Exit, or Restart

The power source could be drained, causing the application - and the entire device - to cease functioning.
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Technologies:
Mobile : Undetermined
Modes of Introduction
Architecture and Design
Related Weaknesses
ChildOf: Uncontrolled Resource Consumption (CWE-400)
ChildOf: Uncontrolled Resource Consumption (CWE-400)
Taxonomy Mapping
  • ISA/IEC 62443
  • ISA/IEC 62443
  • ISA/IEC 62443