CWE-1319 · Improper Protection against Electromagnetic Fault Injection (EM-FI)

Scaner-VSvulnerability catalog · v4.2

CWE-1319BaseIncomplete

Abstraction: Base

Status: Incomplete

Improper Protection against Electromagnetic Fault Injection (EM-FI)

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

Open in catalog with CWE filter →

Related CAPECs

Hardware Fault Injection

Mobile Device Fault Injection

Related vulnerabilities

CVE-2022-26131Power Line Communications PLC4TRUCKS J2497 trailer receivers are susceptible to remote RF induced signals.

CVE-2025-1566DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

CVE-2023-42465Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

CVE-2023-5138Glitch detection is not enabled by default for the CortexM33 core in Silicon Labs secure vault high parts EFx32xG2xB, except EFR32xG21B.

CVE-2022-42784A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions >= V8.3), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions >= V8.3), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions >= V8.3), LOGO! 230RCEo (6ED1052-2FB08-0BA1) (All versions >= V8.3), LOGO! 24CE (6ED1052-1CC08-0BA1) (All versions >= V8.3), LOGO! 24CEo (6ED1052-2CC08-0BA1) (All versions >= V8.3), LOGO! 24RCE (6ED1052-1HB08-0BA1) (All versions >= V8.3), LOGO! 24RCEo (6ED1052-2HB08-0BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCE (6AG1052-1MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 12/24RCEo (6AG1052-2MD08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCE (6AG1052-1FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 230RCEo (6AG1052-2FB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CE (6AG1052-1CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24CEo (6AG1052-2CC08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCE (6AG1052-1HB08-7BA1) (All versions >= V8.3), SIPLUS LOGO! 24RCEo (6AG1052-2HB08-7BA1) (All versions >= V8.3). Affected devices are vulnerable to an electromagnetic fault injection. This could allow an attacker to dump and debug the firmware, including the manipulation of memory. Further actions could allow to inject public keys of custom created key pairs which are then signed by the product CA. The generation of a custom certificate allows communication with, and impersonation of, any device of the same version.