CWE-1256
Improper Restriction of Software Interfaces to Hardware Features
The product provides software-controllable device functionality for capabilities such as power and clock management, but it does not properly limit functionality that can lead to modification of hardware memory or register bits, or the ability to observe physical side channels.
CVE-2024-1545 (GCVE-0-2024-1545)
Vulnerability from cvelistv5
Published
2024-08-29 23:02
Modified
2024-08-30 14:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wolfssl:wolfcrypt:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wolfcrypt",
"vendor": "wolfssl",
"versions": [
{
"lessThanOrEqual": "5.6.6",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1545",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:19:14.904586Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:19:19.372Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/wolfSSL/wolfssl",
"defaultStatus": "affected",
"modules": [
"RSA encryption system"
],
"packageName": "wolfssl",
"platforms": [
"Linux",
"Windows",
"64 bit",
"32 bit"
],
"product": "wolfCrypt",
"programFiles": [
"https://github.com/wolfSSL/wolfssl/blob/master/wolfcrypt/src/rsa.c"
],
"programRoutines": [
{
"name": "RsaPrivateDecrypt"
}
],
"repo": "https://github.com/wolfSSL/wolfssl",
"vendor": "WolfSSL",
"versions": [
{
"lessThanOrEqual": "5.6.6",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"datePublic": "2024-03-20T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker\u0026nbsp;co-resides in the same system with a victim process to\u0026nbsp;disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure."
}
],
"value": "Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker\u00a0co-resides in the same system with a victim process to\u00a0disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure."
}
],
"impacts": [
{
"capecId": "CAPEC-440",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-440 Hardware Integrity Attack"
}
]
},
{
"capecId": "CAPEC-624",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-624 Fault Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1256",
"description": "CWE-1256: Improper Restriction of Software Interfaces to Hardware Features",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252 Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T23:02:48.312Z",
"orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
"shortName": "wolfSSL"
},
"references": [
{
"url": "https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Fault Injection of RSA encryption in WolfCrypt",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
"assignerShortName": "wolfSSL",
"cveId": "CVE-2024-1545",
"datePublished": "2024-08-29T23:02:48.312Z",
"dateReserved": "2024-02-15T17:39:41.746Z",
"dateUpdated": "2024-08-30T14:19:19.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2881 (GCVE-0-2024-2881)
Vulnerability from cvelistv5
Published
2024-08-29 23:10
Modified
2024-08-30 14:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.
References
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wolfssl:wolfcrypt:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wolfcrypt",
"vendor": "wolfssl",
"versions": [
{
"lessThanOrEqual": "5.6.6",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2881",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T14:18:26.882306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-30T14:18:36.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/wolfSSL/wolfssl",
"defaultStatus": "affected",
"modules": [
"EdDSA signature system"
],
"packageName": "wolfssl",
"platforms": [
"Linux",
"Windows",
"64 bit",
"32 bit"
],
"product": "wolfCrypt",
"programFiles": [
"https://github.com/wolfSSL/wolfssl/blob/master/wolfcrypt/src/ed25519.c"
],
"programRoutines": [
{
"name": "Ed25519 signature"
}
],
"repo": "https://github.com/wolfSSL/wolfssl",
"vendor": "WolfSSL",
"versions": [
{
"lessThanOrEqual": "5.6.6",
"status": "affected",
"version": "0",
"versionType": "git"
}
]
}
],
"datePublic": "2024-03-20T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Fault Injection vulnerability in\u0026nbsp;wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker\u0026nbsp;co-resides in the same system with a victim process to\u0026nbsp;disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure."
}
],
"value": "Fault Injection vulnerability in\u00a0wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker\u00a0co-resides in the same system with a victim process to\u00a0disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure."
}
],
"impacts": [
{
"capecId": "CAPEC-440",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-440 Hardware Integrity Attack"
}
]
},
{
"capecId": "CAPEC-624",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-624 Fault Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1256",
"description": "CWE-1256: Improper Restriction of Software Interfaces to Hardware Features",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252 Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T23:10:59.179Z",
"orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
"shortName": "wolfSSL"
},
"references": [
{
"url": "https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Fault Injection of EdDSA signature in WolfCrypt",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
"assignerShortName": "wolfSSL",
"cveId": "CVE-2024-2881",
"datePublished": "2024-08-29T23:10:59.179Z",
"dateReserved": "2024-03-25T22:01:53.209Z",
"dateUpdated": "2024-08-30T14:18:36.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-48869 (GCVE-0-2024-48869)
Vulnerability from cvelistv5
Published
2025-05-13 21:03
Modified
2025-05-15 04:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Escalation of Privilege
- CWE-1256 - Improper Restriction of Software Interfaces to Hardware Features
Summary
Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) |
Version: See references |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-48869",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-14T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T04:01:18.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-1256",
"description": "Improper Restriction of Software Interfaces to Hardware Features",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T21:03:22.922Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01268.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01268.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2024-48869",
"datePublished": "2025-05-13T21:03:22.922Z",
"dateReserved": "2024-10-09T02:59:22.185Z",
"dateUpdated": "2025-05-15T04:01:18.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5477 (GCVE-0-2024-5477)
Vulnerability from cvelistv5
Published
2025-08-13 17:47
Modified
2025-08-13 19:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1256 - - Improper Restriction of Software and Firmware Updates
Summary
A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasing firmware mitigation for the potential vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HP Inc. | Certain HP PC Products |
Version: See HP Security Bulletin reference for affected versions. |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T19:40:54.757656Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T19:41:17.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Certain HP PC Products",
"vendor": "HP Inc.",
"versions": [
{
"status": "affected",
"version": "See HP Security Bulletin reference for affected versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasing firmware mitigation for the potential vulnerability.\u003cbr\u003e"
}
],
"value": "A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasing firmware mitigation for the potential vulnerability."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "PHYSICAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1256",
"description": "CWE-1256 - Improper Restriction of Software and Firmware Updates",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T17:47:36.452Z",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_12878449-12878471-16/hpsbhf04043"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2024-5477",
"datePublished": "2025-08-13T17:47:09.166Z",
"dateReserved": "2024-05-29T15:20:41.911Z",
"dateUpdated": "2025-08-13T19:41:17.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phases: Architecture and Design, Implementation
Description:
- Ensure proper access control mechanisms protect software-controllable features altering physical operating conditions such as clock frequency and voltage.
CAPEC-624: Hardware Fault Injection
The adversary uses disruptive signals or events, or alters the physical environment a device operates in, to cause faulty behavior in electronic devices. This can include electromagnetic pulses, laser pulses, clock glitches, ambient temperature extremes, and more. When performed in a controlled manner on devices performing cryptographic operations, this faulty behavior can be exploited to derive secret key information.
CAPEC-625: Mobile Device Fault Injection
Fault injection attacks against mobile devices use disruptive signals or events (e.g. electromagnetic pulses, laser pulses, clock glitches, etc.) to cause faulty behavior. When performed in a controlled manner on devices performing cryptographic operations, this faulty behavior can be exploited to derive secret key information. Although this attack usually requires physical control of the mobile device, it is non-destructive, and the device can be used after the attack without any indication that secret keys were compromised.