The Most Dangerous Hardware Weaknesses, MITRE

Share post:

The non-profit organization MITRE has published a list of the most dangerous vulnerabilities in programming, design, and architecture that will affect hardware in 2021. These weaknesses are found in hardware programming and design leading to exploitable vulnerabilities and exposing systems to cyberattacks.

This list is the result of the joint work of the organization within the Hardware CWE Special Interest Group (SIG), a group of professionals from hardware design, manufacturing, research, security, academia and government.

The following list gives an insight into the ten most dangerous hardware security vulnerabilities out of 96 hardware entries in the CWE corpus.

CWE-1189Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
CWE-1191On-Chip Debug and Test Interface With Improper Access Control
CWE-1231Improper Prevention of Lock Bit Modification
CWE-1233Security-Sensitive Hardware Controls with Missing Lock Bit Protection
CWE-1240Use of a Cryptographic Primitive with a Risky Implementation
CWE-1244Internal Asset Exposed to Unsafe Debug Access Level or State
CWE-1256Improper Restriction of Software Interfaces to Hardware Features
CWE-1260Improper Handling of Overlap Between Protected Memory Ranges
CWE-1272Sensitive Information Uncleared Before Debug/Power State Transition
CWE-1274Improper Access Control for Volatile Memory Containing Boot Code
CWE-1277Firmware Not Updateable
CWE-1300Improper Protection of Physical Side Channels

The list also aims to prevent hardware security problems at the source by educating programmers and designers on how to eliminate critical bugs early in the product development lifecycle.

In addition, test engineers and safety analysts may also consider the list useful in preparing for safety tests and evaluation plans.

For more information, read the original story in BleepingComputer.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for Friday, December 8, 2023

This episode features discussion on cyber attacks against OT networks, the discovery of exposed servers with medical images and  why outdated Microsoft Exchange servers are s

Canadian mid-sized firms pay an average $1.13 million to ransomware gangs

Survey for Palo Alto Networks also shows fewer firms willing to pay da

Cyber Security Today, Dec. 8, 2023 – Ransomware is increasingly impacting OT systems, and more

This episode reports on how hackers break into AWS cloud instances, fake anti-Ukraine online ads  using photos of celebrities

Canadian privacy czars release principles for responsible development of AI

The principles remind AI developers they have to follow Canadian data pr

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways