CWE-1300: Improper Protection of Physical Side Channels
low-risk
The device does not contain sufficient protection mechanisms to prevent physical side channels from exposing sensitive information due to patterns in physically observable phenomena such as variations in power consumption, electromagnetic emissions (EME), or acoustic emissions.
Common Consequences
Detection Methods
Perform a set of leakage detection tests such as the procedure outlined in the Test Vector Leakage Assessment (TVLA) test requirements for AES [REF-1230]. TVLA is the basis for the ISO standard 17825 [REF-1229]. A separate methodology is provided by [REF-1228]. Note that sole reliance on this method might not yield expected results [REF-1239] [REF-1240].
Post-silicon, perform full side-channel attacks (penetration testing) covering as many known leakage models as possible against test code.
Pre-silicon: while the aforementioned TVLA methods can be performed post-silicon, models of device power consumption or other physical emanations can also be built from information present at various stages of the hardware design process before fabrication. TVLA or known side-channel attacks can be applied to these simulated traces, and countermeasures can be applied before tape-out. Academic research in this field includes [REF-1231] [REF-1232] [REF-1233].
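The fixed-vs-random leakage test behind TVLA, applied to simulated traces as in the pre-silicon method above. This is an added example, not code from the CWE entry or the referenced documents. The power model, the key, the function names and the |t| > 4.5 bound (the conventional TVLA threshold, not stated on this page) are assumptions.

```python
import math
import random

THRESHOLD = 4.5  # conventional TVLA bound on |t| (assumption, not from this page)

def welch_t(a, b):
    """Welch's t statistic for two samples with unequal variances."""
    na, nb = len(a), len(b)
    ma, mb = sum(a) / na, sum(b) / nb
    va = sum((x - ma) ** 2 for x in a) / (na - 1)
    vb = sum((x - mb) ** 2 for x in b) / (nb - 1)
    return (ma - mb) / math.sqrt(va / na + vb / nb)

def leaky_points(fixed, rand, threshold=THRESHOLD):
    """Sample indices where the fixed and random trace sets differ significantly."""
    points = []
    for i in range(len(fixed[0])):
        t = welch_t([tr[i] for tr in fixed], [tr[i] for tr in rand])
        if abs(t) > threshold:
            points.append(i)
    return points

def simulate(n, fixed_input, leak_at, rng, length=20, masked=False):
    """Constructed power model: Gaussian noise at every sample, plus the
    Hamming weight of (input XOR key) at one sample. masked=True XORs in a
    fresh random mask per trace, modelling a first-order masking countermeasure."""
    key = 0x3C  # constructed secret
    traces = []
    for _ in range(n):
        x = fixed_input if fixed_input is not None else rng.randrange(256)
        v = x ^ key
        if masked:
            v ^= rng.randrange(256)
        tr = [rng.gauss(0, 1) for _ in range(length)]
        tr[leak_at] += bin(v).count("1")
        traces.append(tr)
    return traces

def assess(masked, seed=1):
    """Run the fixed-vs-random test on 2000 + 2000 simulated traces."""
    rng = random.Random(seed)
    fixed = simulate(2000, 0xC3, 7, rng, masked=masked)  # 0xC3 ^ key = 0xFF
    rand = simulate(2000, None, 7, rng, masked=masked)
    return leaky_points(fixed, rand)

if __name__ == "__main__":
    print("unprotected leaky samples:", assess(False))
    print("masked leaky samples:     ", assess(True))
```

An empty result for the masked run only shows that this model has no first-order leakage; the t-test on sample means does not cover higher-order or multivariate leakage.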
Real-World Examples (9)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2023-6258 | 8.1 | 0.1% | — |
| CVE-2025-10890 | 9.1 | 0.1% | — |
| CVE-2025-11207 | 6.5 | 0.0% | — |
| CVE-2025-13992 | 4.7 | 0.0% | — |
| CVE-2026-3929 | 3.1 | 0.0% | — |
| CVE-2026-5876 | 6.5 | 0.0% | — |
| CVE-2026-5876 | 6.5 | 0.0% | — |
| CVE-2025-11210 | 5.4 | 0.0% | — |
| CVE-2026-0115 | 2.1 | 0.0% | — |