CWE-1328 Detail

Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions.

Introductiemodi

Architecture and Design
Implementation : Such issues could be introduced during hardware architecture and design, and can be identified later during testing or system configuration phases.

Toepasselijke platforms

Taal

Class: Not Language-Specific (Undetermined)

Besturingssystemen

Class: Not OS-Specific (Undetermined)

Architecturen

Class: Not Architecture-Specific (Undetermined)

Technologieën

Name: Security Hardware (Undetermined)
Class: Not Technology-Specific (Undetermined)

Veelvoorkomende gevolgen

Mogelijke risicobeperkingen

Phases : Architecture and Design
When architecting the system, security version data should be designated for storage in registers that are either read-only or have access controls that prevent modification by an untrusted agent.
Phases : Implementation
During implementation and test, security version data should be demonstrated to be read-only and access controls should be validated.

Detectiemethoden

Automated Dynamic Analysis

Mutability of stored security version numbers and programming with older firmware images should be part of automated testing.
Effectiviteit : High

Architecture or Design Review

Anti-roll-back features should be reviewed as part of Architecture or Design review.
Effectiviteit : High

Notities kwetsbaarheidsmapping

Rechtvaardiging : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Opmerking : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Gerelateerde aanvalspatronen

Indiening

Wijzigingen