CWE-1245
Improper Finite State Machines (FSMs) in Hardware Logic
BaseIncomplete
Description
Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim's system.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-74
CVEs mapped to this weakness (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-58311 | Cri | 0.64 | 9.8 | 0.00 | Dec 12, 2025 | Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation of the card's unique identifier. | |
| CVE-2025-48508 | Med | 0.39 | 6.0 | 0.00 | Feb 11, 2026 | Improper Hardware reset flow logic in the GPU GFX Hardware IP block could allow a privileged attacker in a guest virtual machine to control reset operation potentially causing host or GPU crash or reset resulting in denial of service. | |
| CVE-2024-31068 | Med | 0.34 | 5.3 | 0.00 | Feb 12, 2025 | Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to potentially enable denial of service via local access. | |
| CVE-2024-24968 | Med | 0.34 | 5.3 | 0.00 | Sep 16, 2024 | Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. | |
| CVE-2024-21853 | Med | 0.31 | 4.7 | 0.00 | Nov 13, 2024 | Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access. |