CWE-1313 – Hardware Allows Activation of Test or Debug Logic at Runtime | Common Weakness Enumeration (CWE)

Overview

CWE-1313 (Hardware Allows Activation of Test or Debug Logic at Runtime) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact: Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This feature can alter the intended behavior of the system and allow for alteration and leakage of sensitive data by an adversary.

Applicable platforms

Kind	Name	Class	Prevalence	OS / CPE
language	—	Not Language-Specific	Undetermined	—
operating_system	—	Not OS-Specific	Undetermined	—
architecture	—	Not Architecture-Specific	Undetermined	—
technology	—	Not Technology-Specific	Undetermined	—

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE	Published	Summary
CVE-2025-2919	2025-03-28	A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This vulnerability affects unknown code of the component UART. The manipulation leads to hardware allows activat…

Content submission

Name: Brent Sherman
Organization: Accellera IP Security Assurance (IPSA) Working Group
Date: 2020-08-06
Version: 4.3

Content modifications

Date	Name	Version	Importance	Comment
2022-04-28	CWE Content Team	4.7	—	updated Related_Attack_Patterns
2023-04-27	CWE Content Team	4.11	—	updated Relationships
2023-06-29	CWE Content Team	4.12	—	updated Mapping_Notes
2023-10-26	CWE Content Team	4.13	—	updated Observed_Examples
2025-12-11	CWE Content Team	4.19	—	updated Weakness_Ordinalities

Contributions

Type	Name	Date	Comment
Content	Hareesh Khattri	2023-06-21	contributed to observed example