CWE-1253: Incorrect Selection of Fuse Values
The logic level used to set a system to a secure state relies on a fuse being unblown.
Last updated
Overview
Fuses are often used to store secret data, including security configuration data. When not blown, a fuse is considered to store a logic 0, and, when blown, it indicates a logic 1. Fuses are generally considered to be one-directional, i.e., once blown to logic 1, it cannot be reset to logic 0.
Real-world CVEs
1 recorded CVEs are caused by CWE-1253 (Incorrect Selection of Fuse Values). The highest-severity and most recent are shown first.
Common consequences
What can happen when CWE-1253 is exploited.
Bypass Protection Mechanism, Gain Privileges or Assume Identity
Affects: Access Control, Authorization
If the logic used to determine system-security state (by leveraging the values sensed from the fuses) uses negative logic, an attacker might blow the fuse and drive the system to an insecure state.
DoS: Crash, Exit, or Restart
Affects: Availability
Read Memory
Affects: Confidentiality
Modify Memory, Execute Unauthorized Code or Commands
Affects: Integrity