CWE-1319β€”Improper Protection against Electromagnetic Fault Injection (EM-FI)

PUBLISHEDweakness record
released 2020-12-10 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-1319
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2020-12-10
Latest Modification Date:
2025-12-11

Weakness Name

Improper Protection against Electromagnetic Fault Injection (EM-FI)

Description

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

Electromagnetic fault injection may allow an attacker to locally and dynamically modify the signals (both internal and external) of an integrated circuit. EM-FI attacks consist of producing a local, transient magnetic field near the device, inducing current in the device wires. A typical EMFI setup is made up of a pulse injection circuit that generates a high current transient in an EMI coil, producing an abrupt magnetic pulse which couples to the target producing faults in the device, which can lead to:

Common Consequences

Scope:
Confidentiality, Integrity, Access Control, Availability
Impact:
Modify Memory, Read Memory, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Execute Unauthorized Code or Commands

Related Weaknesses