Several security-sensitive values are programmed into fuses to be used during early-boot flows or later at runtime. Examples of these security-sensitive values include root keys, encryption keys, manufacturing-specific information, chip-manufacturer-specific information, and original-equipment-manufacturer (OEM) data. After the chip is powered on, these values are sensed from fuses and stored in temporary locations such as registers and local memories. These locations are typically access-control protected from untrusted agents capable of accessing them. Even to trusted agents, only read-access is provided. However, these locations are not blocked during debug operations, allowing a user to access this sensitive information.
| Impact | Details |
|---|---|
|
Modify Memory; Bypass Protection Mechanism |
Scope: Confidentiality, Access Control |
| Phase(s) | Mitigation |
|---|---|
|
Architecture and Design; Implementation |
Disable access to security-sensitive information stored in fuses directly and also reflected from temporary storage locations when in debug mode. |
| Nature | Type | ID | Name |
|---|---|---|---|
| ChildOf | Class Class - a weakness that is described in a very abstract fashion, typically independent of any specific language or technology. More specific than a Pillar Weakness, but more general than a Base Weakness. Class level weaknesses typically describe issues in terms of 1 or 2 of the following dimensions: behavior, property, and resource. | 1263 | Improper Physical Access Control |
| Nature | Type | ID | Name |
|---|---|---|---|
| MemberOf | Category Category - a CWE entry that contains a set of other entries that share a common characteristic. | 1207 | Debug and Test Problems |
| Phase | Note |
|---|---|
| Architecture and Design | |
| Implementation |
Class: Not Language-Specific (Undetermined Prevalence)
Class: Not OS-Specific (Undetermined Prevalence)
Class: Not Architecture-Specific (Undetermined Prevalence)
Class: Not Technology-Specific (Undetermined Prevalence)
Example 1
Sensitive manufacturing data (such as die information) are stored in fuses. When the chip powers on, these values are read from the fuses and stored in microarchitectural registers. These registers are only given read access to trusted software running on the core. Untrusted software running on the core is not allowed to access these registers.
Example 2
The example code below is taken from one of the AES cryptographic accelerators of the HACK@DAC'21 buggy OpenPiton SoC [REF-1366]. The operating system (OS) uses three AES keys to encrypt and decrypt sensitive data using this accelerator. These keys are sensitive data stored in fuses. The security of the OS will be compromised if any of these AES keys are leaked. During system bootup, these AES keys are sensed from fuses and stored in temporary hardware registers of the AES peripheral. Access to these temporary registers is disconnected during the debug state to prevent them from leaking through debug access. In this example (see the vulnerable code source), the registers key0, key1, and key2 are used to store the three AES keys (which are accessed through key_big0, key_big1, and key_big2 signals). The OS selects one of these three keys through the key_big signal, which is used by the AES engine.
The above code illustrates an instance of a vulnerable implementation for blocking AES key mechanism when the system is in debug mode (i.e., when debug_mode_i is asserted). During debug mode, key accesses through key_big0 and key_big1 are effectively disconnected, as their values are set to zero. However, the key accessed via the key_big2 signal remains accessible, creating a potential pathway for sensitive fuse data leakage, specifically AES key2, during debug mode. Furthermore, even though it is not strictly necessary to disconnect the key_big signal when entering debug mode (since disconnecting key_big0, key_big1, and key_big2 will inherently disconnect key_big), it is advisable, in line with the defense-in-depth strategy, to also sever the connection to key_big. This additional security measure adds an extra layer of protection and safeguards the AES keys against potential future modifications to the key_big logic.
To mitigate this, disconnect access through key_big2 and key_big during debug mode [REF-1367].
| Nature | Type | ID | Name |
|---|---|---|---|
| MemberOf | CategoryCategory - a CWE entry that contains a set of other entries that share a common characteristic. | 1396 | Comprehensive Categorization: Access Control |
Rationale
This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Comments
Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.| Submissions | |||
|---|---|---|---|
| Submission Date | Submitter | Organization | |
|
2020年02月12日
(CWE 4.0, 2020年02月24日) |
Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi | Intel Corporation | |
| Contributions | |||
| Contribution Date | Contributor | Organization | |
| 2023年06月21日 | Chen Chen, Rahul Kande, Jeyavijayan Rajendran | Texas A&M University | |
| suggested demonstrative example | |||
| 2023年06月21日 | Shaza Zeitouni, Mohamadreza Rostami, Ahmad-Reza Sadeghi | Technical University of Darmstadt | |
| suggested demonstrative example | |||
| Modifications | |||
| Modification Date | Modifier | Organization | |
|
2025年04月03日
(CWE 4.17, 2025年04月03日) |
CWE Content Team | MITRE | |
| updated Demonstrative_Examples | |||
| 2023年10月26日 | CWE Content Team | MITRE | |
| updated Demonstrative_Examples, References | |||
| 2023年06月29日 | CWE Content Team | MITRE | |
| updated Mapping_Notes | |||
| 2023年04月27日 | CWE Content Team | MITRE | |
| updated Relationships | |||
| 2022年10月13日 | CWE Content Team | MITRE | |
| updated Relationships | |||
| 2021年07月20日 | CWE Content Team | MITRE | |
| updated Relationships | |||
| 2021年03月15日 | CWE Content Team | MITRE | |
| updated Description | |||
| 2020年08月20日 | CWE Content Team | MITRE | |
| updated Applicable_Platforms, Demonstrative_Examples, Description, Name, Potential_Mitigations, Related_Attack_Patterns | |||
| 2020年06月25日 | CWE Content Team | MITRE | |
| updated Relationships | |||
| Previous Entry Names | |||
| Change Date | Previous Entry Name | ||
| 2020年08月20日 | Exposure of Security-Sensitive Fuse Values During Debug | ||
Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2025, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.