Base weakness

Incomplete

CWE-1319: Improper Protection against Electromagnetic Fault Injection (EM-FI)

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

Last updated May 1, 2026

5

Recorded CVEs

With this primary weakness

0

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

Electromagnetic fault injection may allow an attacker to locally and dynamically modify the signals (both internal and external) of an integrated circuit. EM-FI attacks consist of producing a local, transient magnetic field near the device, inducing current in the device wires. A typical EMFI setup is made up of a pulse injection circuit that generates a high current transient in an EMI coil, producing an abrupt magnetic pulse which couples to the target producing faults in the device, which can lead to: Bypassing security mechanisms such as secure JTAG or Secure Boot Leaking device information Modifying program flow Perturbing secure hardware modules (e.g. random number generators)

Real-world CVEs

5 recorded CVEs are caused by CWE-1319 (Improper Protection against Electromagnetic Fault Injection (EM-FI)). The highest-severity and most recent are shown first. 0 new CWE-1319 CVEs have been recorded so far in 2026 (1 in 2025).

High · CVSS 7.6 · EPSS 27th

2023-12-12

CVE-2025-1566

High · CVSS 7.5 · EPSS 45th

2025-04-16

CVE-2023-5138

Glitch detection not active by default in Silicon Labs Secure Vault High devices

Medium · CVSS 6.8 · EPSS 15th

2024-01-03

Common consequences

What can happen when CWE-1319 is exploited.

Modify Memory, Read Memory, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code or Commands

Affects: Confidentiality, Integrity, Access Control, Availability

How it happens

When it is introduced

Typically introduced during these phases of the software lifecycle.

Architecture and Design

Implementation

Applies to

Technologies

System on Chip

Microcontroller Hardware

Memory Hardware

Power Management Hardware

Processor Hardware

Test/Debug Hardware

Sensor Hardware

How to prevent it

Practical mitigations for CWE-1319, grouped by where in the lifecycle they apply.

Architecture and Design

Implementation

1. Redundancy - By replicating critical operations and comparing the two outputs can help indicate whether a fault has been injected.
2. Error detection and correction codes - Gay, Mael, et al. proposed a new scheme that not only detects faults injected by a malicious adversary but also automatically corrects single nibble/byte errors introduced by low-multiplicity faults.
3. Fail by default coding - When checking conditions (switch or if) check all possible cases and fail by default because the default case in a switch (or the else part of a cascaded if-else-if construct) is used for dealing with the last possible (and valid) value without checking. This is prone to fault injection because this alternative is easily selected as a result of potential data manipulation [REF-1141].
4. Random Behavior - adding random delays before critical operations, so that timing is not predictable.
5. Program Flow Integrity Protection - The program flow can be secured by integrating run-time checking aiming at detecting control flow inconsistencies. One such example is tagging the source code to indicate the points not to be bypassed [REF-1147].
6. Sensors - Usage of sensors can detect variations in voltage and current.
7. Shields - physical barriers to protect the chips from malicious manipulation.

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

In many devices, security related information is stored in fuses. These fuses are loaded into shadow registers at boot time. Disturbing this transfer phase with EM-FI can lead to the shadow registers storing erroneous values potentially resulting in reduced security.

Colin O'Flynn has demonstrated an attack scenario [REF-1144] that uses electro-magnetic glitching during booting to bypass security and gain read access to flash, read and erase access to shadow memory area (where the private password is stored). Most devices in the MPC55xx and MPC56xx series that include the Boot Assist Module (BAM) (a serial or CAN bootloader mode) are susceptible to this attack. In this paper, a GM ECU was used as a real life target. While the success rate appears low (less than 2 percent), in practice a success can be found within 1-5 minutes once the EMFI tool is setup. In a practical scenario, the author showed that success can be achieved within 30-60 minutes from a cold start.

Illustrative examples

Real CVEs that MITRE cites as examples of this weakness.

CVE-2020-27211 — Chain: microcontroller system-on-chip uses a register value stored in flash to set product protection state on the memory bus and does not contain protection against fault injection (CWE-1319) which leads to an incorrect initialization of the memory bus (CWE-1419) leading the product to be in an unprotected state.

Attack patterns

CAPEC attack patterns that exploit this weakness.

Frequently asked questions

Common questions about CWE-1319.

What is CWE-1319?

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

What CVEs are caused by CWE-1319?

5 recorded CVEs are attributed to CWE-1319, including CVE-2024-31510, CVE-2022-26131, CVE-2022-42784.

What are the consequences of CWE-1319?

Exploiting CWE-1319 can lead to: Modify Memory, Read Memory, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code or Commands.

Is CWE-1319 actively exploited?

5 recorded CVEs are caused by CWE-1319; none are currently in CISA's KEV catalog of actively exploited flaws.

References

Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.

Stay ahead of CWE-1319

Get alerted the moment a new CWE-1319 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.

Start free See pricing