CWE-1301
Insufficient or Incomplete Data Removal within Hardware Component
BaseIncomplete
Description
The product's data removal process does not completely delete all data and potentially sensitive information within hardware components.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-37
CVEs mapped to this weakness (1)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-29946 | Med | 0.29 | — | 0.00 | Feb 10, 2026 | Insufficient or Incomplete Data Removal in Hardware Component in SEV firmware doesn't fully flush IOMMU. This can potentially lead to a loss of confidentiality and integrity in guest memory. |