CWE-1319(Improper Protection against Electromagnetic Fault Injection (EM-FI))は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.
| 種別 | 名称 | クラス | 普遍性 | OS / CPE |
|---|---|---|---|---|
| language | — | Not Language-Specific | Undetermined | — |
| operating_system | — | Not OS-Specific | Undetermined | — |
| architecture | — | Not Architecture-Specific | Undetermined | — |
| technology | — | System on Chip | Undetermined | — |
| technology | Microcontroller Hardware | — | Undetermined | — |
| technology | Memory Hardware | — | Undetermined | — |
| technology | Power Management Hardware | — | Undetermined | — |
| technology | Processor Hardware | — | Undetermined | — |
| technology | Test/Debug Hardware | — | Undetermined | — |
| technology | Sensor Hardware | — | Undetermined | — |
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2025-9709 | 2025-09-05 | On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against Electromagnetic Fault Injection (EM-FI) in Nordic Semiconductor nRF52810 allow attacker to perform EM Faul… |
| CVE-2025-1566 | 2025-04-16 | DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state… |
| CVE-2024-31510 | 2024-05-24 | An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the crypto_sign_signature parameter in the /pqcrystals-dilithium-standard_ml-dsa-44-ipd_avx2/sign.c comp… |
| CVE-2023-5138 | 2024-01-03 | Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B. |
| CVE-2022-42784 | 2023-12-12 | A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All v… |
| CVE-2022-26131 | 2022-03-10 | Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals. |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2022-04-28 | CWE Content Team | 4.7 | — | updated Applicable_Platforms |
| 2022-06-28 | CWE Content Team | 4.8 | — | updated Applicable_Platforms, Relationships |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated Potential_Mitigations, References, Relationships |
| 2023-01-31 | CWE Content Team | 4.10 | — | updated Related_Attack_Patterns |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated References, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2023-10-26 | CWE Content Team | 4.13 | — | updated Observed_Examples |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Demonstrative_Examples, Observed_Examples, Weakness_Ordinalities |