CWE - About - CWE Videos

The CWE videos below are hosted on the CWE Program Channel on YouTube.

CWE Basics

CWE Program Lead Alec Summers discusses the CWE Program’s ongoing efforts to implement its federation strategy to increase program coverage and adoption. Topics include modernizing the CWE Program infrastructure, federating CWE content development, and the purpose and objectives of the CWE community working groups and special interest groups.

This talk was presented at CVE/FIRST VulnCon 2024 on March 26, 2024.

Hardware CWEs

Scott Constable of Intel Labs discuses microarchitectural weaknesses in the CWE List that relate to transient execution, especially the four new microarchitectural weakness entries added with the release of CWE Version 4.14:

CWE-1420: Exposure of Sensitive Information during Transient Execution
CWE-1421: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
CWE-1422: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
CWE-1423: Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution

This talk was presented to the Hardware CWE Special Interest Group (HW CWE SIG) on March 8, 2024.


	Site Map \| Terms of Use \| Manage Cookies \| Cookie Notice \| Privacy Policy \| Contact Us \| Use of the Common Weakness Enumeration (CWE™) and the associated references from this website are subject to the Terms of Use. CWE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2006–2024, The MITRE Corporation. CWE, CWSS, CWRAF, and the CWE logo are trademarks of The MITRE Corporation.

Common Weakness Enumeration

CWE Videos

CWE Basics

Hardware CWEs