CWE-1264
Hardware Logic with Insecure De-Synchronization between Control and Data Channels
The hardware logic for error handling and security checks can incorrectly forward data before the security check is complete.
Mitigation
Phase: Architecture and Design
Description:
- Thoroughly verify the data routing logic to ensure that any error handling or security checks effectively block illegal dataflows.
CAPEC-233: Privilege Escalation
An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
CAPEC-663: Exploitation of Transient Instruction Execution
An adversary exploits a hardware design flaw in a CPU implementation of transient instruction execution to expose sensitive data and bypass/subvert access control over restricted resources. Typically, the adversary conducts a covert channel attack to target non-discarded microarchitectural changes caused by transient executions such as speculative execution, branch prediction, instruction pipelining, and/or out-of-order execution. The transient execution results in a series of instructions (gadgets) which construct covert channel and access/transfer the secret data.