| Attack Vector and Threat | Primary MITRE EMB3D TID | Risk Value |
|---|
| Cache State | MITRE EM3ED TID-103 | n/a |
| If the attacker and the victim have shared memory, the attacker can observe the victim's behavior regarding this shared memory by observing the cache state. If the attacker evicts a shared value of interest from the cache, then loads the value again after the victim's execution, based on the time taken it can determine whether the victim accessed the same value. | MITRE EM3ED TID-103 | n/a |
| If the attacker and the victim have shared memory, the attacker can observe the victim's behavior regarding this shared memory by observing the cache state. If the attacker flushes a shared value of interest from the cache, then loads the value again after the victim's execution, based on the time taken it can determine whether the victim accessed the same value. | MITRE EM3ED TID-103 | n/a |
| If the attacker and the victim have shared memory, the attacker can observe the victim's behavior regarding this shared memory by observing the cache state. If the attacker flushes a shared value of interest from the cache, then flushes value again after the victim's execution, based on the time taken it can determine whether the victim accessed the same value (without ever accessing the target value). | MITRE EM3ED TID-103 | n/a |
| Even without shared memory, the attacker can observe the victim's behavior regarding certain memory addresses by observing the cache state. If the attacker sets up the cache to a known state, then observes which values were evicted, it learns some information about the victim's execution, depending on the cache organization and replacement policy. | MITRE EM3ED TID-103 | n/a |
| Memory | MITRE EM3ED TID-206 | n/a |
| Contention in the DRAM row buffer can leak the memory access patterns of a victim program. | MITRE EM3ED TID-206 | n/a |
| Side-Channel Leakage | MITRE EM3ED TID-330 | n/a |
| Sensitive data extraction | MITRE EM3ED TID-330 | n/a |
| Code Execution | MITRE EM3ED TID-301 | n/a |
| The number of executed instructions and their execution time can be measured by an attacker with interrupt capabilities. | MITRE EM3ED TID-301 | n/a |
| Code Execution | MITRE EM3ED TID-301 | n/a |
| By monitoring the state of page table mappings, a privileged attacker can reconstruct the access patterns of the victim. | MITRE EM3ED TID-301 | n/a |
| Code Execution | MITRE EM3ED TID-301 | n/a |
| If the attacker can measure the execution time of code executing in parallel with the victim on the same core, they can detect changes in the timing resulting from the two programs contending for the same execution port on the core. | MITRE EM3ED TID-301 | n/a |
| Power Consumption Analysis Side Channel | MITRE EM3ED TID-101 | n/a |
| Electromagnetic Analysis Side Channel | MITRE EM3ED TID-102 | n/a |
| Microarchitectural Side Channels | MITRE EM3ED TID-103 | n/a |
| Hardware Fault Injection – Control Flow Modification | MITRE EM3ED TID-105 | n/a |
| Data Bus Interception | MITRE EM3ED TID-106 | n/a |
| Unauthorized Direct Memory Access (DMA) | MITRE EM3ED TID-107 | n/a |
| ROM/NVRAM Data Extraction or Modification | MITRE EM3ED TID-108 | n/a |
| RAM Chip Contents Readout | MITRE EM3ED TID-109 | n/a |
| Hardware Fault Injection – Data Manipulation | MITRE EM3ED TID-110 | n/a |
| Memory | MITRE EM3ED TID-206 | n/a |
| If the victim and the attacker (either from code or through DMA) can access memory at the same time, this might lead to contention on the memory bus, making it possible to detect the victim's memory accesses. | MITRE EM3ED TID-206 | n/a |
| Unverified Peripheral Firmware Loaded | MITRE EM3ED TID-113 | n/a |
| Peripheral Data Bus Interception | MITRE EM3ED TID-114 | n/a |
| Untrusted External Storage | MITRE EM3ED TID-111 | n/a |
| Weak Peripheral Port Electrical Damage Protection | MITRE EM3ED TID-118 | n/a |
| Firmware/Data Extraction via Hardware Interface | MITRE EM3ED TID-115 | n/a |
| Latent Privileged Access Port | MITRE EM3ED TID-116 | n/a |
| Latent Hardware Debug Port Allows Memory/Code Manipulation | MITRE EM3ED TID-119 | n/a |
| FI | MITRE EM3ED TID-110 | n/a |
| Firmware verification skip | MITRE EM3ED TID-110 | n/a |
| Buffer overflow exploitation after fault injection | MITRE EM3ED TID-110 | n/a |
| Side-Channel Leakage | MITRE EM3ED TID-330 | n/a |
| Secure bootloader control flow analysis | MITRE EM3ED TID-330 | n/a |
| Buffer Manipulation | MITRE EM3ED TID-327 | n/a |
| Arbitrary code execution | MITRE EM3ED TID-327 | n/a |
| Timing Attack | MITRE EM3ED TID-330 | n/a |
| Collection of timing information | MITRE EM3ED TID-330 | n/a |
| Inadequate Bootloader Protection and Verification | MITRE EM3ED TID-201 | n/a |
| Excessive Access via Software Diagnostic Features | MITRE EM3ED TID-224 | n/a |
| Exploitable System Network Stack Component | MITRE EM3ED TID-202 | n/a |
| Operating System Susceptible to Rootkit | MITRE EM3ED TID-218 | n/a |
| Device Vulnerabilities Unpatchable | MITRE EM3ED TID-210 | n/a |
| Device Allows Unauthenticated Firmware Installation | MITRE EM3ED TID-211 | n/a |
| Secrets Extracted from Device Root of Trust | MITRE EM3ED TID-214 | n/a |
| Cryptographic Timing Side-Channel | MITRE EM3ED TID-330 | n/a |
| FW/SW Update Integrity Shared Secrets Extraction | MITRE EM3ED TID-212 | n/a |
| Faulty FW/SW Update Integrity Verification | MITRE EM3ED TID-213 | n/a |
| Unencrypted SW/FW Updates | MITRE EM3ED TID-215 | n/a |
| Firmware Update Rollbacks Allowed | MITRE EM3ED TID-216 | n/a |
| Remotely Initiated Updates Can Cause DoS | MITRE EM3ED TID-217 | n/a |
| Logs can be manipulated on the device | MITRE EM3ED TID-225 | n/a |
| Device leaks security information in logs | MITRE EM3ED TID-226 | n/a |
| Applications Binaries Modified | MITRE EM3ED TID-301 | n/a |
