CWE-1243: Sensitive Non-Volatile Information Not Protected During Debug
Access to security-sensitive information stored in fuses is not limited during debug.
Last updated
Overview
Several security-sensitive values are programmed into fuses to be used during early-boot flows or later at runtime. Examples of these security-sensitive values include root keys, encryption keys, manufacturing-specific information, chip-manufacturer-specific information, and original-equipment-manufacturer (OEM) data. After the chip is powered on, these values are sensed from fuses and stored in temporary locations such as registers and local memories. These locations are typically access-control protected from untrusted agents capable of accessing them. Even to trusted agents, only read-access is provided.
Common consequences
What can happen when CWE-1243 is exploited.
Modify Memory, Read Memory, Bypass Protection Mechanism
Affects: Confidentiality, Access Control
If these locations are not blocked during debug operations, it can allow a user to access this sensitive information.
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
How to prevent it
Practical mitigations for CWE-1243, grouped by where in the lifecycle they apply.