logo

CWE-1319 - Improper Protection against Electromagnetic Fault Injection (EM-FI)

CWE-1319

  • Abstraction:
  • Base
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Improper Protection against Electromagnetic Fault Injection (EM-FI)

Description

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

Electromagnetic fault injection may allow an attacker to locally and dynamically modify the signals (both internal and external) of an integrated circuit. EM-FI attacks consist of producing a local, transient magnetic field near the device, inducing current in the device wires. A typical EMFI setup is made up of a pulse injection circuit that generates a high current transient in an EMI coil, producing an abrupt magnetic pulse which couples to the target producing faults in the device, which can lead to:

Common Consequences

Scope: Confidentiality, Integrity, Access Control, Availability

Impact: Modify Memory, Read Memory, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code or Commands

Related Weaknesses
  • Release Date:
  • 2020-12-10
  • Latest Modification Date:
  • 2023-10-26

Free security scan for your website