CWE · MITRE source
CWE-1191On-Chip Debug and Test Interface With Improper Access Control
The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.
A device's internal information may be accessed through a scan chain of interconnected internal registers, usually through a JTAG interface. The JTAG interface provides access to these registers in a serial fashion in the form of a scan chain for the purposes of debugging programs running on a device. Since almost all information contained within a device may be accessed over this interface, device manufacturers typically insert some form of authentication and authorization to prevent unintended use of this sensitive information. This mechanism is implemented in addition to on-chip protections that are already present. If authorization, authentication, or some other form of access control is not implemented or not implemented correctly, a user may be able to bypass on-chip protection mechanisms through the debug interface. Sometimes, designers choose not to expose the debug pins on the motherboard. Instead, they choose to hide these pins in the intermediate layers of the board. This is primarily done to work around the lack of debug authorization inside the chip. In such a scenario (without debug authorization), when the debug interface is exposed, chip internals are accessible to an attacker.
Last updated: 04 July 2026 00:28 UTC
Cumulative inbound coverage
How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.
Collective: partial · 4 mapping(s) from 2 framework(s): ATT&CK 3 (partial) · CAPEC 1 (partial)
NIST 800-53 r5 controls that address this weakness (2)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
SC-41 | Port and I/O Device Access | SC | Directly mitigates exposure of on-chip debug and test interfaces by disabling or removing them. |
SR-10 | Inspection of Systems or Components | SR | Inspection of on-chip debug/test interfaces can identify tampering or unauthorized access that those interfaces enable. |
MITRE ATT&CK techniques this weakness enables
Our own two-way CWE↔ATT&CK cross-walk — a direct mapping with no public source (the CWE→CAPEC→ATT&CK chain leaves most top weaknesses, incl. XSS and SQLi, mapped to nothing). Drafted by Grok and spot-checked by Claude Opus 4.8.
Direction: ← other covers this;
→ this covers other (F/M/P = full / mostly /
partial).
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2024-48970 | 7.0 | 9.3 | 0.0021 | 2024-11-14 |
CVE-2023-32666 | 5.5 | 7.2 | 0.0015 | 2024-03-14 |
CVE-2025-65821 | 5.5 | 7.5 | 0.0031 | 2025-12-10 |
CVE-2020-9285 | 3.5 | 6.8 | 0.0047 | 2022-10-20 |
CVE-2022-43096 | 3.5 | 6.8 | 0.0054 | 2022-11-17 |
CVE-2024-4231 | 3.5 | 4.6 | 0.0056 | 2024-05-14 |
CVE-2025-26408 | 3.5 | 6.1 | 0.0028 | 2025-02-11 |
CVE-2025-26409 | 3.5 | 6.8 | 0.0031 | 2025-02-11 |
CVE-2025-48468 UPD | 3.5 | 6.4 | 0.0016 | 2025-06-24 |
CVE-2025-47819 UPD | 3.5 | 6.4 | 0.0022 | 2025-06-27 |
CVE-2025-47822 UPD | 3.5 | 6.4 | 0.0021 | 2025-06-27 |
CVE-2025-7213 UPD | 3.5 | 6.4 | 0.0016 | 2025-07-09 |
CVE-2025-12114 | 3.5 | 5.5 | 0.0010 | 2025-10-23 |
CVE-2025-65822 | 3.5 | 6.8 | 0.0018 | 2025-12-10 |
CVE-2025-15083 | 1.5 | 2.0 | 0.0023 | 2025-12-25 |