CWE-1299: Missing Protection Mechanism for Alternate Hardware Interface
low-riskThe lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external facing unguarded interfaces) allows an attacker to bypass existing protections to the asset that are only performed against the primary path.
Abstraction: Base
Common Consequences
Confidentiality
→
Modify Memory
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2025-26409 | 6.8 | 0.2% | — |
| CVE-2025-26409 | 6.8 | 0.2% | — |
| CVE-2024-47944 | 6.8 | 0.1% | — |
| CVE-2025-1073 | 7.5 | 0.1% | — |
| CVE-2022-43557 | 5.3 | 0.1% | — |
| CVE-2023-29063 | 2.4 | 0.1% | — |
| CVE-2021-3788 | 6.8 | 0.1% | — |
| CVE-2024-39723 | 4.6 | 0.1% | — |
| CVE-2023-29060 | 5.4 | 0.1% | — |
| CVE-2025-41697 | 6.8 | 0.0% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal