CWE-1231
Improper Prevention of Lock Bit Modification
Stable
2020-02-24
00h00 +00:00
00h00 +00:00
2025-09-09
00h00 +00:00
00h00 +00:00
Notificaciones para un CWE
Manténgase informado sobre cualquier cambio en un CWE específico.
Nombre: Improper Prevention of Lock Bit Modification
The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set.
Informaciones generales
Modos de introducción
Architecture and Design : Such issues could be introduced during hardware architecture and design and identified later during Testing or System Configuration phases.Implementation : Such issues could be introduced during implementation and identified later during Testing or System Configuration phases.
Plataformas aplicables
Lenguaje
Class: Not Language-Specific (Undetermined)Sistemas operativos
Class: Not OS-Specific (Undetermined)Arquitecturas
Class: Not Architecture-Specific (Undetermined)Tecnologías
Class: Not Technology-Specific (Undetermined)Consecuencias comunes
| Alcance | Impacto | Probabilidad |
|---|---|---|
| Access Control | Modify Memory Note: Registers protected by lock bit can be modified even when lock is set. | High |
Ejemplos observados
| Referencias | Descripción |
|---|---|
CVE-2017-6283 | chip reset clears critical read/write lock permissions for RSA function |
Mitigaciones potenciales
Phases : Architecture and Design // Implementation // TestingMétodos de detección
Manual Analysis
Set the lock bit. Power cycle the device. Attempt to clear the lock bit. If the information is changed, implement a design fix. Retest. Also, attempt to indirectly clear the lock bit or bypass it.Efectividad : High
Notas de mapeo de vulnerabilidades
Justificación : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Comentario : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Patrones de ataque relacionados
| CAPEC-ID | Nombre del patrón de ataque |
|---|---|
| CAPEC-680 | Exploitation of Improperly Controlled Registers
|
Referencias
REF-1350
reglk_wrapper.svhttps://github.com/HACK-EVENT/hackatdac21/blob/b9ecdf6068445d76d6bee692d163fededf7a9d9b/piton/design/chip/tile/ariane/src/reglk/reglk_wrapper.sv#L80C1-L80C48
REF-1351
fix cwe 1199 in reglkhttps://github.com/HACK-EVENT/hackatdac21/commit/5928add42895b57341ae8fc1f9b8351c35aed865#diff-1c2b09dd092a56e5fb2be431a3849e72ff489d2ae4f4a6bb9c0ea6b7d450135aR80
Envío
| Nombre | Organización | Fecha | Fecha de lanzamiento | Version |
|---|---|---|---|---|
| Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi | Intel Corporation | 4.0 |
Modificaciones
| Nombre | Organización | Fecha | Comentario |
|---|---|---|---|
| CWE Content Team | MITRE | updated Demonstrative_Examples | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Demonstrative_Examples, Description, Detection_Factors, Name, Observed_Examples, Potential_Mitigations, Relationships, Weakness_Ordinalities | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns, Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Demonstrative_Examples, References | |
| CWE Content Team | MITRE | updated Demonstrative_Examples | |
| CWE Content Team | MITRE | updated Relationships |
