Creators and users of Operational Technology and IoT devices should pay attention to a new report from MITRE which reveals the Most Important Hardware Weaknesses causing security issues in 2021.
For some years, MITRE has regularly reported on the most dangerous software security weaknesses by analysing the CVE vulnerability reports generated each year. Now they have expanded their reporting to include vulnerabilities reported in hardware systems. The aim of the list is to inform customers procuring such systems and suppliers who create these systems as to the types of vulnerabilities that should be addressed in the product design and testing stages.
There are 12 entries in the list which includes flaws such as: the inability to perform firmware updates, risky implementation of cryptography and the provision of test and debug interfaces without proper access controls to prevent their abuse.
The full list and the related report are available for free on the MITRE website here.