CWE-1332 Base Stable

Improper Handling of Faults that Lead to Instruction Skips

This vulnerability occurs when a hardware device lacks or incorrectly implements the necessary circuitry or sensors to detect and respond to the skipping of critical security instructions during CPU…

Définition

What is CWE-1332?

This vulnerability occurs when a hardware device lacks or incorrectly implements the necessary circuitry or sensors to detect and respond to the skipping of critical security instructions during CPU execution.
Hardware can behave unpredictably under certain operating conditions, such as during electrical disturbances or when pushed beyond its normal specifications. These conditions can cause the CPU to skip crucial security instructions, effectively bypassing the logic they were meant to enforce. In practice, this often targets single conditional branch instructions that control security decisions—like password verification or firmware authentication—flipping the intended outcome if skipped. Attackers exploit this by using fault injection techniques to deliberately induce these unstable operating conditions, making instruction skips happen more reliably and frequently than they would naturally. This allows them to manipulate security-critical decision points, such as bypassing authentication checks or altering firmware validation processes.
Impact réel

Real-world CVEs caused by CWE-1332

  • CVE-2019-15894

    fault injection attack bypasses the verification mode, potentially allowing arbitrary code execution.

Comment les attaquants l'exploitent

Parcours de l'attaquant étape par étape

  1. 1

    Identifier un chemin de code qui traite des entrées non fiables sans validation.

  2. 2

    Élaborer une charge utile qui exploite le comportement non sécurisé — injection, traversal, débordement ou abus de logique.

  3. 3

    Délivrer la charge utile via une requête normale et observer la réaction de l'application.

  4. 4

    Itérer jusqu'à ce que la réponse divulgue des données, exécute le code de l'attaquant ou élève les privilèges.

Exemple de code vulnérable

Vulnerable Other

A smart card contains authentication credentials that are used as authorization to enter a building. The credentials are only accessible when a correct PIN is presented to the card.

Vulnérable Other 
The card emits the credentials when a voltage anomaly is injected into the power line to the device at a particular time after providing an incorrect PIN to the card, causing the internal program to accept the incorrect PIN.
Exemple de code sécurisé

Secure Other

There are several ways this weakness could be fixed.

Sécurisé Other 
- add an internal filter or internal power supply in series with the power supply pin on the device

  - add sensing circuitry to reset the device if out of tolerance conditions are detected

  - add additional execution sensing circuits to monitor the execution order for anomalies and abort the action or reset the device under fault conditions
What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Liste de contrôle de prévention

How to prevent CWE-1332

  • Architecture and Design Design strategies for ensuring safe failure if inputs, such as Vcc, are modified out of acceptable ranges.
  • Architecture and Design Design strategies for ensuring safe behavior if instructions attempt to be skipped.
  • Architecture and Design Identify mission critical secrets that should be wiped if faulting is detected, and design a mechanism to do the deletion.
  • Implementation Add redundancy by performing an operation multiple times, either in space or time, and perform majority voting. Additionally, make conditional instruction timing unpredictable.
  • Implementation Use redundant operations or canaries to detect and respond to faults.
  • Implementation Ensure that fault mitigations are strong enough in practice. For example, a low power detection mechanism that takes 50 clock cycles to trigger at lower voltages may be an insufficient security mechanism if the instruction counter has already progressed with no other CPU activity occurring.
Signaux de détection

How to detect CWE-1332

Automated Static Analysis Moderate

This weakness can be found using automated static analysis once a developer has indicated which code paths are critical to protect.

Simulation / Emulation Moderate

This weakness can be found using automated dynamic analysis. Both emulation of a CPU with instruction skips, as well as RTL simulation of a CPU IP, can indicate parts of the code that are sensitive to faults due to instruction skips.

Manual Analysis Moderate

This weakness can be found using manual (static) analysis. The analyst has security objectives that are matched against the high-level code. This method is less precise than emulation, especially if the analysis is done at the higher level language rather than at assembly level.

Correction automatique Plexicus

Plexicus détecte automatiquement CWE-1332 et ouvre une PR de correction en moins de 60 secondes.

Codex Remedium analyse chaque commit, identifie cette faiblesse précise et livre une pull request prête à être relue avec le correctif. Pas de tickets. Pas de transferts.

Obtenir une démo Essayer Plexicus gratuitement
Questions fréquentes

Frequently asked questions

Qu'est-ce que CWE-1332 ?

This vulnerability occurs when a hardware device lacks or incorrectly implements the necessary circuitry or sensors to detect and respond to the skipping of critical security instructions during CPU execution.

Quelle est la gravité de CWE-1332 ?

MITRE n'a pas publié de note de probabilité d'exploitation pour cette faiblesse. Traitez-la comme un impact moyen jusqu'à ce que votre modèle de menace prouve le contraire.

Quels langages ou plateformes sont affectés par CWE-1332 ?

MITRE lists the following affected platforms: Not OS-Specific, Not Architecture-Specific, System on Chip.

Comment puis-je prévenir CWE-1332 ?

Design strategies for ensuring safe failure if inputs, such as Vcc, are modified out of acceptable ranges. Design strategies for ensuring safe behavior if instructions attempt to be skipped.

Comment Plexicus détecte et corrige CWE-1332 ?

Le moteur SAST de Plexicus reconnaît la signature de flux de données de CWE-1332 à chaque commit. Lorsqu'une correspondance est trouvée, notre agent Codex Remedium ouvre une PR de correction avec le code corrigé, les tests et un résumé d'une ligne pour le relecteur.

Où puis-je en savoir plus sur CWE-1332 ?

MITRE publie la définition canonique à https://cwe.mitre.org/data/definitions/1332.html. Vous pouvez également consulter la documentation OWASP et NIST pour des conseils adjacents.

Faiblesses associées

Weaknesses related to CWE-1332

CWE-1384 Parent

Improper Handling of Physical or Environmental Conditions

This weakness occurs when a hardware device fails to manage unexpected physical or environmental situations, whether they happen naturally…

CWE-1247 Frère

Improper Protection Against Voltage and Clock Glitches

This vulnerability occurs when a hardware device lacks proper physical safeguards against deliberate electrical manipulation. Without…

CWE-1261 Frère

Improper Handling of Single Event Upsets

This vulnerability occurs when hardware logic fails to properly manage single-event upsets (SEUs), which are temporary bit flips caused by…

CWE-1351 Frère

Improper Handling of Hardware Behavior in Exceptionally Cold Environments

This weakness occurs when a hardware device or its firmware lacks proper safeguards to maintain security functions when operated in…

Ressources

Further reading

Prêt quand vous l'êtes

Arrêtez de payer par développeur.
Commencez à fermer la boucle.

Plexicus est l'ASPM natif IA qui scanne, filtre, corrige, penteste et explique — de façon autonome. Développeurs illimités, dépôts illimités, actions IA à usage équitable. Vrai niveau gratuit, €269/mo annuel quand vous êtes prêt.

Commencer gratuitement Réserver une démo