CWE-1319 - Improper Protection against Electromagnetic Fault Injection (EM-FI)
CWE-1319
- Abstraction:
- Base
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Improper Protection against Electromagnetic Fault Injection (EM-FI)
- Description
The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.
Electromagnetic fault injection may allow an attacker to locally and dynamically modify the signals (both internal and external) of an integrated circuit. EM-FI attacks consist of producing a local, transient magnetic field near the device, inducing current in the device wires. A typical EMFI setup is made up of a pulse injection circuit that generates a high current transient in an EMI coil, producing an abrupt magnetic pulse which couples to the target producing faults in the device, which can lead to:
- Common Consequences
Scope: Confidentiality, Integrity, Access Control, Availability
Impact: Modify Memory, Read Memory, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code or Commands
- Related Weaknesses
- Release Date:
- 2020-12-10
- Latest Modification Date:
- 2023-10-26
Free security scan for your website