CWE-1279: Cryptographic Operations are run Before Supporting Units are Ready

Performing cryptographic operations without ensuring that the supporting inputs are ready to supply valid data may compromise the cryptographic result.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

Many cryptographic hardware units depend upon other hardware units to supply information to them to produce a securely encrypted result. For example, a cryptographic unit that depends on an external random-number-generator (RNG) unit for entropy must wait until the RNG unit is producing random numbers. If a cryptographic unit retrieves a private encryption key from a fuse unit, the fuse unit must be up and running before a key may be supplied.

CWE-1279: Cryptographic Operations are run Before Supporting Units are Ready

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

Code examples

Attack patterns

Frequently asked questions

What is CWE-1279?

What CVEs are caused by CWE-1279?

How do you prevent CWE-1279?

What are the consequences of CWE-1279?

Is CWE-1279 actively exploited?

References

Stay ahead of CWE-1279

Overview

Real-world CVEs

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

Code examples

Related weaknesses

Parent

Attack patterns

Frequently asked questions

What is CWE-1279?

What CVEs are caused by CWE-1279?

How do you prevent CWE-1279?

What are the consequences of CWE-1279?

Is CWE-1279 actively exploited?

References

Stay ahead of CWE-1279