CWE-1301

Base Abstraction Level
Pillar — Highest-level weakness category
Class — Abstract, language-independent
Base — Specific enough to detect
Variant — Tied to specific technology
Compound — Requires multiple weaknesses
Incomplete MITRE CWE Status
Stable — Fully reviewed and complete
Draft — Under development, may change
Incomplete — Partially defined by MITRE
Deprecated — No longer recommended
Obsolete — Replaced by another CWE
Insufficient or Incomplete Data Removal within Hardware Component

Description

The product's data removal process does not completely delete all data and potentially sensitive information within hardware components.

Physical properties of hardware devices, such as remanence of magnetic media, residual charge of ROMs/RAMs, or screen burn-in may still retain sensitive data after a data removal process has taken place and power is removed. Recovering data after erasure or overwriting is possible due to a phenomenon called data remanence. For example, if the same value is written repeatedly to a memory location, the corresponding memory cells can become physically altered to a degree such that even after the original data is erased that data can still be recovered through physical characterization of the memory cells.

Consequences

Confidentiality — Read Memory, Read Application Data

Mitigations

Phase: Architecture and Design

Apply blinding or masking techniques to implementations of cryptographic algorithms.

Phase: Implementation

Alter the method of erasure, add protection of media, or destroy the media to protect the data.