CAPEC-625 Mobile Device Fault Injection – Attack Pattern Analysis

CAPEC-625 Metadata

Likelihood of Attack

Low

Typical Severity

High

Overview

Summary

Fault injection attacks against mobile devices use disruptive signals or events (e.g. electromagnetic pulses, laser pulses, clock glitches, etc.) to cause faulty behavior. When performed in a controlled manner on devices performing cryptographic operations, this faulty behavior can be exploited to derive secret key information. Although this attack usually requires physical control of the mobile device, it is non-destructive, and the device can be used after the attack without any indication that secret keys were compromised.

Prerequisites

No prerequisites listed.

Potential Solutions / Mitigations

Strong physical security of all devices that contain secret key information. (even when devices are not in use) Frequent changes to secret keys and certificates.

Related Weaknesses (CWE)

CWE ID	Description
CWE-1247	Improper Protection Against Voltage and Clock Glitches
CWE-1248	Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
CWE-1256	Improper Restriction of Software Interfaces to Hardware Features
CWE-1319	Improper Protection against Electromagnetic Fault Injection (EM-FI)
CWE-1332	Improper Handling of Faults that Lead to Instruction Skips
CWE-1334	Unauthorized Error Injection Can Degrade Hardware Redundancy
CWE-1338	Improper Protections Against Hardware Overheating
CWE-1351	Improper Handling of Hardware Behavior in Exceptionally Cold Environments

Related CAPECs

CAPEC ID	Description
CAPEC-624	The adversary uses disruptive signals or events, or alters the physical environment a device operates in, to cause faulty behavior in electronic devices. This can include electromagnetic pulses, laser pulses, clock glitches, ambient temperature extremes, and more. When performed in a controlled manner on devices performing cryptographic operations, this faulty behavior can be exploited to derive secret key information.

CAPEC ID

Description

CAPEC-624

The adversary uses disruptive signals or events, or alters the physical environment a device operates in, to cause faulty behavior in electronic devices. This can include electromagnetic pulses, laser pulses, clock glitches, ambient temperature extremes, and more. When performed in a controlled manner on devices performing cryptographic operations, this faulty behavior can be exploited to derive secret key information.

Stay Ahead of Attack Patterns

Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.