logo

View: Weaknesses in the 2025 CWE Most Important Hardware Weaknesses List

Stable
Type: Graph
Objective

CWE entries in this view are listed in the 2025 CWE Most Important Hardware Weaknesses List, as determined by the Hardware CWE Special Interest Group (HW CWE SIG). The 2025 MIHW aims to drive awareness of critical hardware weaknesses and provide the cybersecurity community with practical guidance to prevent security issues at the source. By combining advanced data analysis with expert consensus, the list helps organizations prioritize mitigations, strengthen design practices, and make informed decisions throughout the hardware lifecycle.

Audience

TypeDescription
Hardware DesignersAddress key security weaknesses during hardware design process.
Product CustomersEvaluate products for critical security weaknesses and enforce supplier security standards.
Applied ResearchersInvestigate selected weaknesses and develop new mitigation strategies.
Academic ResearchersIdentify gaps in foundational security models to develop advanced approaches.
Assessment TeamsFocus testing on high-priority hardware security weaknesses.
Assessment Tool VendorsImprove automated tools to detect critical security weaknesses.
EducatorsStructure course content and research projects around hardware security weaknesses.

Relationships
Weaknesses in the 2025 CWE Most Important Hardware Weaknesses List- (CWE-1432)
Sensitive Information in Resource Not Removed Before Reuse- (CWE-226)
Improper Isolation of Shared Resources on System-on-a-Chip (SoC)- (CWE-1189)
On-Chip Debug and Test Interface With Improper Access Control- (CWE-1191)
Hardware Internal or Debug Modes Allow Override of Locks- (CWE-1234)
Improper Protection Against Voltage and Clock Glitches- (CWE-1247)
Improper Restriction of Software Interfaces to Hardware Features- (CWE-1256)
Improper Handling of Overlap Between Protected Memory Ranges- (CWE-1260)
Improper Access Control for Register Interface- (CWE-1262)
Improper Protection of Physical Side Channels- (CWE-1300)
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution- (CWE-1421)
Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution- (CWE-1423)
2025 MIHW Supplement: Expert Insights- (CWE-1433)
Mapping Notes
Usage: Prohibited
Reasons: View
Rationale:
This entry is a View. Views are not weaknesses and therefore inappropriate to describe the root causes of vulnerabilities.
Comment:
Use this View or other Views to search and navigate for the appropriate weakness.