The hardware logic does not effectively handle when single-event upsets (SEUs) occur.
View on MITRETechnology trends such as CMOS-transistor down-sizing, use of new materials, and system-on-chip architectures continue to increase the sensitivity of systems to soft errors. These errors are random, and their causes might be internal (e.g., interconnect coupling) or external (e.g., cosmic radiation). These soft errors are not permanent in nature and cause temporary bit flips known as single-event upsets (SEUs). SEUs are induced errors in circuits caused when charged particles lose energy by ionizing the medium through which they pass, leaving behind a wake of electron-hole pairs that cause temporary failures. If these failures occur in security-sensitive modules in a chip, it might compromise the security guarantees of the chip. For instance, these temporary failures could be bit flips that change the privilege of a regular user to root.
Implement triple-modular redundancy around security-sensitive modules.
SEUs mostly affect SRAMs. For SRAMs storing security-critical data, implement Error-Correcting-Codes (ECC) and Address Interleaving.
No detection method information available for this CWE.
This is an example from [REF-1089]. See the reference for full details of this issue.
Parity is error detecting but not error correcting.
This is an example from [REF-1089]. See the reference for full details of this issue.
Parity is error detecting but not error correcting.
No relationship information available for this CWE.
CWE-1261: Improper Handling of Single Event Upsets is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The hardware logic does not effectively handle when single-event upsets (SEUs) occur. Technology trends such as CMOS-transistor down-sizing, use of new materials, and system-on-chip architectures continue to increase the sensitivity of systems to soft errors. These errors are random, and their causes might be internal (e.g., interconnect coupling) or external (e.g., cosmic radiation). These soft errors are not permanent in nature and cause temporary bit flips known as single-event upsets (SEUs). SEUs are induced errors in circuits caused when charged particles lose energy by ionizing the medium through which they pass, leaving behind a wake of electron-hole pairs that cause temporary failures. If these failures occur in security-sensitive modules in a chip, it might compromise the security guarantees of the chip. For instance, these temporary failures could be bit flips that change the privilege of a regular user to root.
If exploited, CWE-1261 (Improper Handling of Single Event Upsets) it can compromise Availability and Access Control, leading to outcomes such as DoS: Crash, Exit, or Restart, DoS: Instability, Gain Privileges or Assume Identity and Bypass Protection Mechanism.
Recommended mitigations for CWE-1261 include: Implement triple-modular redundancy around security-sensitive modules. SEUs mostly affect SRAMs. For SRAMs storing security-critical data, implement Error-Correcting-Codes (ECC) and Address Interleaving.
CWE-1261 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
A CWE (Common Weakness Enumeration) like CWE-1261 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.