A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category can arise in multiple areas of hardware design or can apply to a wide cross-section of components.
A feature, API, or function does not perform according to its specification.
The product does not provide its users with the ability to update or patch its firmware to address any vulnerabilities or weaknesses that may be present.
The product is designed with access restricted to certain information, but it does not sufficiently protect against an unauthorized actor with physical access to these...
The product's data removal process does not completely delete all data and potentially sensitive information within hardware components.
The product does not contain sufficient technical or engineering documentation (whether on paper or in electronic form) that contains descriptions of...
The product does not have documentation that represents how it is designed.
The product contains a component that cannot be updated or patched in order to remove vulnerabilities or significant bugs.
The product is built from multiple separate components, but it uses a component that is not sufficiently trusted to meet expectations for security, reliability, update...
This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectiv...