CWE-1313: Hardware Allows Activation of Test or Debug Logic at Runtime
During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This feature can alter the intended behavior of the system and allow for alteration and leakage of sensitive data by an adversary.
Last updated
Overview
An adversary can take advantage of test or debug logic that is made accessible through the hardware during normal operation to modify the intended behavior of the system. For example, an accessible Test/debug mode may allow read/write access to any system data. Using error injection (a common test/debug feature) during a transmit/receive operation on a bus, data may be modified to produce an unintended message. Similarly, confidentiality could be compromised by such features allowing access to secrets.
Real-world CVEs
2 recorded CVEs are caused by CWE-1313 (Hardware Allows Activation of Test or Debug Logic at Runtime). The highest-severity and most recent are shown first. 1 new CWE-1313 CVE has been recorded so far in 2026 (1 in 2025).
Common consequences
What can happen when CWE-1313 is exploited.
Modify Memory, Read Memory, DoS: Crash, Exit, or Restart, DoS: Instability, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory), DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Alter Execution Logic, Quality Degradation, Unexpected State, Reduce Performance, Reduce Reliability
Affects: Confidentiality, Integrity, Availability
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
How to prevent it
Practical mitigations for CWE-1313, grouped by where in the lifecycle they apply.
Insert restrictions on when the hardware's test or debug features can be activated. For example, during normal operating modes, the hardware's privileged modes that allow access to such features cannot be activated. Configuring the hardware to only enter a test or debug mode within a window of opportunity such as during boot or configuration stage. The result is disablement of such test/debug features and associated modes during normal runtime operations.
Insert restrictions on when the hardware's test or debug features can be activated. For example, during normal operating modes, the hardware's privileged modes that allow access to such features cannot be activated. Configuring the hardware to only enter a test or debug mode within a window of opportunity such as during boot or configuration stage. The result is disablement of such test/debug features and associated modes during normal runtime operations.
Insert restrictions on when the hardware's test or debug features can be activated. For example, during normal operating modes, the hardware's privileged modes that allow access to such features cannot be activated. Configuring the hardware to only enter a test or debug mode within a window of opportunity such as during boot or configuration stage. The result is disablement of such test/debug features and associated modes during normal runtime operations.
Illustrative examples
Real CVEs that MITRE cites as examples of this weakness.
- CVE-2021-33150 — Hardware processor allows activation of test or debug logic at runtime.
- CVE-2021-0146 — Processor allows the activation of test or debug logic at runtime, allowing escalation of privileges
Attack patterns
CAPEC attack patterns that exploit this weakness.
Frequently asked questions
Common questions about CWE-1313.
- What is CWE-1313?
- During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This feature can alter the intended behavior of the system and allow for alteration and leakage of sensitive data by an adversary.
- What CVEs are caused by CWE-1313?
- 2 recorded CVEs are attributed to CWE-1313, including CVE-2025-2919, CVE-2026-36027.
- How do you prevent CWE-1313?
- Insert restrictions on when the hardware's test or debug features can be activated. For example, during normal operating modes, the hardware's privileged modes that allow access to such features cannot be activated. Configuring the hardware to only enter a test or debug mode within a window of opportunity such as during boot or configuration stage. The result is disablement of such test/debug features and associated modes during normal runtime operations.
- What are the consequences of CWE-1313?
- Exploiting CWE-1313 can lead to: Modify Memory, Read Memory, DoS: Crash, Exit, or Restart, DoS: Instability, DoS: Resource Consumption (CPU), DoS: Resource Consumption (Memory).
- Is CWE-1313 actively exploited?
- 2 recorded CVEs are caused by CWE-1313; none are currently in CISA's KEV catalog of actively exploited flaws.
References
- MITRE CWE definition (CWE-1313) (opens in a new tab)
- CWE-1313 vulnerabilities on NVD (opens in a new tab)
- Learn: What is a CWE?
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.
Stay ahead of CWE-1313
Get alerted the moment a new CWE-1313 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.