CAPEC-680 Detail

CAPEC-680

Exploitation of Improperly Controlled Registers
Medium
High
Draft
2021-10-21
00h00 +00:00
CAPEC Information

Prerequisites

Awareness of the hardware being leveraged.
Access to the hardware being leveraged.

Skills Required

Intricate knowledge of registers.

Mitigations

Design proper access control policies for hardware register access from software and ensure these policies are implemented in accordance with the specified design.
Ensure security lock bit protections are reviewed for design inconsistencies and common weaknesses.
Test security lock programming flow in both pre-silicon and post-silicon environments.
Leverage automated tools to test that values are not reprogrammable and that write-once fields lock on writing zeros.
Ensure that measurement data is stored in registers that are read-only or otherwise have access controls that prevent modification by an untrusted agent.
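
The automated write-once check named in the mitigations above, as an added example that is not part of the CAPEC entry. The register model, the function names and the test values are constructed assumptions; the weak variant derives its sticky status from the written data, so a first write of zero never locks it.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed software model of a register with a write-once field. */
typedef struct {
    uint16_t value;
    int locked;      /* sticky status: set after the first write */
} wo_reg;

typedef void (*write_fn)(wo_reg *, uint16_t);

/* Weak model: the sticky status is derived from the written data,
 * so a first write of zero leaves the field unlocked. */
static void write_weak(wo_reg *r, uint16_t data) {
    if (!r->locked) {
        r->value = data;
        r->locked = (data != 0);
    }
}

/* Corrected model: any first write sets the sticky status. */
static void write_fixed(wo_reg *r, uint16_t data) {
    if (!r->locked) {
        r->value = data;
        r->locked = 1;
    }
}

/* After one write of first_val, a second write must not change the field.
 * Returns 1 if the field held its value, 0 if it was reprogrammed. */
static int holds_after_first_write(write_fn wr, uint16_t first_val) {
    wo_reg r = {0, 0};
    wr(&r, first_val);
    wr(&r, (uint16_t)~first_val);   /* attempted reprogramming */
    return r.value == first_val;
}

/* Run the check for a non-zero and an all-zero first write. */
static int is_write_once(write_fn wr) {
    return holds_after_first_write(wr, 0x00A5) &&
           holds_after_first_write(wr, 0x0000);
}

int main(void) {
    printf("weak model:  %s\n", is_write_once(write_weak) ? "PASS" : "FAIL");
    printf("fixed model: %s\n", is_write_once(write_fixed) ? "PASS" : "FAIL");
    return 0;
}
```

A test that only uses non-zero first writes passes both models, which is why the mitigation calls out the all-zero case explicitly.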

Related Weaknesses

CWE-ID Weakness Name

CWE-1224

Improper Restriction of Write-Once Bit Fields
The hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software.

CWE-1231

Improper Prevention of Lock Bit Modification
The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set.

CWE-1233

Security-Sensitive Hardware Controls with Missing Lock Bit Protection
The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration.

CWE-1262

Improper Access Control for Register Interface
The product uses memory-mapped I/O registers that act as an interface to hardware functionality from software, but there is improper access control to those registers.

CWE-1283

Mutable Attestation or Measurement Reporting Data
The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary.

References

REF-693

Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit In Windows And Linux
Brandon Hill.
https://hothardware.com/news/intel-cpu-bug-kernel-memory-isolation-linux-windows-macos

Submission

Name Organization Date Release Date
CAPEC Content Team The MITRE Corporation 2021-10-21 +00:00