CWE-1328 Details

Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions.

Einführungsmodi

Architecture and Design
Implementation : Such issues could be introduced during hardware architecture and design, and can be identified later during testing or system configuration phases.

Anwendbare Plattformen

Sprache

Class: Not Language-Specific (Undetermined)

Betriebssysteme

Class: Not OS-Specific (Undetermined)

Architekturen

Class: Not Architecture-Specific (Undetermined)

Technologien

Name: Security Hardware (Undetermined)
Class: Not Technology-Specific (Undetermined)

Häufige Konsequenzen

Mögliche Gegenmaßnahmen

Phases : Architecture and Design
When architecting the system, security version data should be designated for storage in registers that are either read-only or have access controls that prevent modification by an untrusted agent.
Phases : Implementation
During implementation and test, security version data should be demonstrated to be read-only and access controls should be validated.

Erkennungsmethoden

Automated Dynamic Analysis

Mutability of stored security version numbers and programming with older firmware images should be part of automated testing.
Wirksamkeit : High

Architecture or Design Review

Anti-roll-back features should be reviewed as part of Architecture or Design review.
Wirksamkeit : High

Hinweise zur Schwachstellen-Zuordnung

Begründung : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Kommentar : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Verwandte Angriffsmuster

Einreichung

Änderungen