CWE-1319 (Improper Protection against Electromagnetic Fault Injection (EM-FI)) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.
| Kind | Name | Class | Prevalence | OS / CPE |
|---|---|---|---|---|
| language | — | Not Language-Specific | Undetermined | — |
| operating_system | — | Not OS-Specific | Undetermined | — |
| architecture | — | Not Architecture-Specific | Undetermined | — |
| technology | — | System on Chip | Undetermined | — |
| technology | Microcontroller Hardware | — | Undetermined | — |
| technology | Memory Hardware | — | Undetermined | — |
| technology | Power Management Hardware | — | Undetermined | — |
| technology | Processor Hardware | — | Undetermined | — |
| technology | Test/Debug Hardware | — | Undetermined | — |
| technology | Sensor Hardware | — | Undetermined | — |
These CVEs are mapped to this weakness in this database and kept for traceability and search.
| CVE | Published | Summary |
|---|---|---|
| CVE-2025-9709 | 2025-09-05 | On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Faul… |
| CVE-2025-1566 | 2025-04-16 | DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state… |
| CVE-2024-31510 | 2024-05-24 | An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c comp… |
| CVE-2023-5138 | 2024-01-03 | Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B. |
| CVE-2022-42784 | 2023-12-12 | A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All v… |
| CVE-2022-26131 | 2022-03-10 | Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals. |
| Date | Name | Version | Importance | Comment |
|---|---|---|---|---|
| 2022-04-28 | CWE Content Team | 4.7 | — | updated Applicable_Platforms |
| 2022-06-28 | CWE Content Team | 4.8 | — | updated Applicable_Platforms, Relationships |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated Potential_Mitigations, References, Relationships |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Related_Attack_Patterns |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated References, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2023-10-26 | CWE Content Team | 4.13 | — | updated Observed_Examples |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Demonstrative_Examples, Observed_Examples, Weakness_Ordinalities |