CWE-1278(Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
Information stored in hardware may be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as scanning electron microscopy.
| 種別 | 名称 | クラス | 普遍性 | OS / CPE |
|---|---|---|---|---|
| language | — | Not Language-Specific | Undetermined | — |
| operating_system | — | Not OS-Specific | Undetermined | — |
| architecture | — | Not Architecture-Specific | Undetermined | — |
| technology | — | Not Technology-Specific | Undetermined | — |
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2021-38394 | 2021-10-04 | An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware k… |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2020-08-20 | CWE Content Team | 4.2 | — | updated Demonstrative_Examples, Description, Modes_of_Introduction, Potential_Mitigations, References, Related_Attack_Patterns |
| 2021-03-15 | CWE Content Team | 4.4 | — | updated Maintenance_Notes |
| 2022-04-28 | CWE Content Team | 4.7 | — | updated Relationships |
| 2022-06-28 | CWE Content Team | 4.8 | — | updated Relationships |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated Relationships |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Related_Attack_Patterns |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated References, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Weakness_Ordinalities |