{"@ID": "1384", "@Name": "Improper Handling of Physical or Environmental Conditions", "@Abstraction": "Class", "@Structure": "Simple", "@Status": "Incomplete", "Description": "The product does not properly handle unexpected physical or environmental conditions that occur naturally or are artificially induced.", "Extended_Description": {"xhtml:p": ["Hardware products are typically only guaranteed to behave correctly within certain physical limits or environmental conditions. Such products cannot necessarily control the physical or external conditions to which they are subjected. However, the inability to handle such conditions can undermine a product's security. For example, an unexpected physical or environmental condition may cause the flipping of a bit that is used for an authentication decision. This unexpected condition could occur naturally or be induced artificially by an adversary.", "Physical or environmental conditions of concern are:"], "xhtml:ul": {"xhtml:li": [{"xhtml:div": {"xhtml:b": "Atmospheric characteristics:", "#text": "extreme temperature ranges, etc."}}, {"xhtml:div": {"xhtml:b": "Interference:", "#text": "electromagnetic interference (EMI), radio frequency interference (RFI), etc."}}, {"xhtml:div": {"xhtml:b": "Assorted light sources:", "#text": "white light, ultra-violet light (UV), lasers, infrared (IR), etc."}}, {"xhtml:div": {"xhtml:b": "Power variances:", "#text": "under-voltages, over-voltages, under-current, over-current, etc."}}, {"xhtml:div": {"xhtml:b": "Clock variances:", "#text": "glitching, overclocking, clock stretching, etc."}}, {"xhtml:div": {"xhtml:b": "Component aging and degradation"}}, {"xhtml:div": {"xhtml:b": "Materials manipulation:", "#text": "focused ion beams (FIB), etc."}}, {"xhtml:div": {"xhtml:b": "Exposure to radiation:", "#text": "x-rays, cosmic radiation, etc."}}]}}, "Related_Weaknesses": {"Related_Weakness": {"@Nature": "ChildOf", "@CWE_ID": "703", "@View_ID": "1000", "@Ordinal": "Primary"}}, "Weakness_Ordinalities": {"Weakness_Ordinality": {"Ordinality": "Primary"}}, "Applicable_Platforms": {"Technology": [{"@Class": "System on Chip", "@Prevalence": "Undetermined"}, {"@Class": "ICS/OT", "@Prevalence": "Undetermined"}]}, "Modes_Of_Introduction": {"Introduction": [{"Phase": "Architecture and Design", "Note": "The product's design might not consider checking and handling extreme conditions."}, {"Phase": "Manufacturing", "Note": "For hardware manufacturing, sub-par components might be chosen that are not able to handle the expected environmental conditions."}]}, "Common_Consequences": {"Consequence": {"Scope": ["Confidentiality", "Integrity", "Availability"], "Impact": ["Varies by Context", "Unexpected State"], "Note": "Consequences of this weakness are highly dependent on the role of affected components within the larger product."}}, "Potential_Mitigations": {"Mitigation": [{"Phase": "Requirements", "Description": "In requirements, be specific about expectations for how the product will perform when it exceeds physical and environmental boundary conditions, e.g., by shutting down."}, {"Phase": ["Architecture and Design", "Implementation"], "Description": "Where possible, include independent components that can detect excess environmental conditions and have the capability to shut down the product."}, {"Phase": ["Architecture and Design", "Implementation"], "Description": "Where possible, use shielding or other materials that can increase the adversary's workload and reduce the likelihood of being able to successfully trigger a security-related failure."}]}, "Demonstrative_Examples": {"Demonstrative_Example": [{"@Demonstrative_Example_ID": "DX-234", "Intro_Text": "Below is a representative snippet of C code that is part of the secure-boot flow. A signature of the runtime-firmware image is calculated and compared against a golden value. If the signatures match, the bootloader loads runtime firmware. If there is no match, an error halt occurs. If the underlying hardware executing this code does not contain any circuitry or sensors to detect voltage or clock glitches, an attacker might launch a fault-injection attack right when the signature check is happening (at the location marked with the comment), causing a bypass of the signature-checking process.", "Example_Code": [{"@Nature": "Bad", "@Language": "C", "xhtml:br": [null, null, null, null, null, null, null, null, null], "xhtml:div": [{"@style": "margin-left:1em;", "xhtml:br": null, "#text": "load_runtime_firmware();"}, {"@style": "margin-left:1em;", "xhtml:br": null, "#text": "do_not_load_runtime_firmware();"}], "#text": "...\n          if (signature_matches)  // <-Glitch Here\n          {\n\t\t  \n          }\n          else\n          {\n\t\t  \n          }\n          \t\n          ..."}, {"@Nature": "Good", "@Language": "Other", "xhtml:div": "If the underlying hardware detects a voltage or clock glitch, the information can be used to prevent the glitch from being successful."}], "Body_Text": "After bypassing secure boot, an attacker can gain access to system assets to which the attacker should not have access."}, {"@Demonstrative_Example_ID": "DX-235", "Intro_Text": "In 2016, a security researcher, who was also a patient using a pacemaker, was on an airplane when a bit flip occurred in the pacemaker, likely due to the higher prevalence of cosmic radiation at such heights. The pacemaker was designed to account for bit flips and went into a default safe mode, which still forced the patient to go to a hospital to get it reset. The bit flip also inadvertently enabled the researcher to access the crash file, perform reverse engineering, and detect a hard-coded key. [REF-1101]"}]}, "Observed_Examples": {"Observed_Example": {"Reference": "CVE-2019-17391", "Description": "Lack of anti-glitch protections allows an attacker to launch a physical attack to bypass the secure boot and read protected eFuses.", "Link": "https://www.cve.org/CVERecord?id=CVE-2019-17391"}}, "References": {"Reference": [{"@External_Reference_ID": "REF-1248", "@Section": "ICS Communications / 2. Unreliability"}, {"@External_Reference_ID": "REF-1255"}, {"@External_Reference_ID": "REF-1285"}, {"@External_Reference_ID": "REF-1286", "@Section": "1.2"}, {"@External_Reference_ID": "REF-1101"}]}, "Mapping_Notes": {"Usage": "Allowed-with-Review", "Rationale": "This CWE entry is a Class and might have Base-level children that would be more appropriate", "Comments": "Examine children of this entry to see if there is a better fit", "Reasons": {"Reason": {"@Type": "Abstraction"}}}, "Content_History": {"Submission": {"Submission_Name": "CWE Content Team", "Submission_Organization": "MITRE", "Submission_Date": "2022-04-21", "Submission_Version": "4.7", "Submission_ReleaseDate": "2022-04-28"}, "Modification": [{"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2022-06-28", "Modification_Version": "4.8", "Modification_ReleaseDate": "2022-06-28", "Modification_Comment": "updated Description, Name, Potential_Mitigations, Relationships, Type"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2022-10-13", "Modification_Version": "4.9", "Modification_ReleaseDate": "2022-10-13", "Modification_Comment": "updated References"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-01-31", "Modification_Version": "4.10", "Modification_ReleaseDate": "2023-01-31", "Modification_Comment": "updated Applicable_Platforms, Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-04-27", "Modification_Version": "4.11", "Modification_ReleaseDate": "2023-04-27", "Modification_Comment": "updated Relationships"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-06-29", "Modification_Version": "4.12", "Modification_ReleaseDate": "2023-06-29", "Modification_Comment": "updated Mapping_Notes"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2023-10-26", "Modification_Version": "4.13", "Modification_ReleaseDate": "2023-10-26", "Modification_Comment": "updated Observed_Examples"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2025-09-09", "Modification_Version": "4.18", "Modification_ReleaseDate": "2025-09-09", "Modification_Comment": "updated References"}, {"Modification_Name": "CWE Content Team", "Modification_Organization": "MITRE", "Modification_Date": "2025-12-11", "Modification_Version": "4.19", "Modification_ReleaseDate": "2025-12-11", "Modification_Comment": "updated Demonstrative_Examples, References, Weakness_Ordinalities"}], "Contribution": {"@Type": "Feedback", "Contribution_Name": "Members of the Hardware CWE Special Interest Group", "Contribution_Date": "2022-05-13", "Contribution_Comment": "Provided feedback on descriptions"}, "Previous_Entry_Name": {"@Date": "2022-06-28", "#text": "Improper Handling of Extreme Physical Environment Conditions"}}}
