logo

CWE-1253 - Incorrect Selection of Fuse Values

CWE-1253

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Incorrect Selection of Fuse Values

Description

The logic level used to set a system to a secure state relies on a fuse being unblown. An attacker can set the system to an insecure state merely by blowing the fuse.

Fuses are often used to store secret data, including security configuration data. When not blown, a fuse is considered to store a logic 0, and, when blown, it indicates a logic 1. Fuses are generally considered to be one-directional, i.e., once blown to logic 1, it cannot be reset to logic 0. However, if the logic used to determine system-security state (by leveraging the values sensed from the fuses) uses negative logic, an attacker might blow the fuse and drive the system to an insecure state.

Common Consequences

Scope: Access Control, Authorization

Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity

Scope: Availability

Impact: DoS: Crash, Exit, or Restart

Scope: Confidentiality

Impact: Read Memory

Scope: Integrity

Impact: Modify Memory, Execute Unauthorized Code or Commands

Related Weaknesses
  • Release Date:
  • 2020-02-24
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website