CWE-1301: Insufficient or Incomplete Data Removal within Hardware Component

BaseIncomplete

The product's data removal process does not completely delete all data and potentially sensitive information within hardware components.

View on MITRE
Back to CWE Lookup

Extended Description

Physical properties of hardware devices, such as remanence of magnetic media, residual charge of ROMs/RAMs, or screen burn-in may still retain sensitive data after a data removal process has taken place and power is removed. Recovering data after erasure or overwriting is possible due to a phenomenon called data remanence. For example, if the same value is written repeatedly to a memory location, the corresponding memory cells can become physically altered to a degree such that even after the original data is erased that data can still be recovered through physical characterization of the memory cells.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms
Not OS-Specific

Frequently Asked Questions

What is CWE-1301: Insufficient or Incomplete Data Removal within Hardware Component?+

CWE-1301: Insufficient or Incomplete Data Removal within Hardware Component is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product's data removal process does not completely delete all data and potentially sensitive information within hardware components. Physical properties of hardware devices, such as remanence of magnetic media, residual charge of ROMs/RAMs, or screen burn-in may still retain sensitive data after a data removal process has taken place and power is removed. Recovering data after erasure or overwriting is possible due to a phenomenon called data remanence. For example, if the same value is written repeatedly to a memory location, the corresponding memory cells can become physically altered to a degree such that even after the original data is erased that data can still be recovered through physical characterization of the memory cells.

What are the security consequences of Insufficient or Incomplete Data Removal within Hardware Component?+

If exploited, CWE-1301 (Insufficient or Incomplete Data Removal within Hardware Component) it can compromise Confidentiality, leading to outcomes such as Read Memory and Read Application Data.

How do you prevent or mitigate Insufficient or Incomplete Data Removal within Hardware Component?+

Recommended mitigations for CWE-1301 include: Apply blinding or masking techniques to implementations of cryptographic algorithms. Alter the method of erasure, add protection of media, or destroy the media to protect the data.

Which programming languages are affected by Insufficient or Incomplete Data Removal within Hardware Component?+

CWE-1301 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What are real-world examples of Insufficient or Incomplete Data Removal within Hardware Component?+

MITRE documents real CVEs mapped to CWE-1301, including CVE-2019-8575. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1301 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More