CWE-1328 Detalhe

Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions.

Modos de Introdução

Architecture and Design
Implementation : Such issues could be introduced during hardware architecture and design, and can be identified later during testing or system configuration phases.

Plataformas Aplicáveis

Linguagem

Class: Not Language-Specific (Undetermined)

Sistemas Operacionais

Class: Not OS-Specific (Undetermined)

Arquiteturas

Class: Not Architecture-Specific (Undetermined)

Tecnologias

Name: Security Hardware (Undetermined)
Class: Not Technology-Specific (Undetermined)

Consequências Comuns

Mitigações Potenciais

Phases : Architecture and Design
When architecting the system, security version data should be designated for storage in registers that are either read-only or have access controls that prevent modification by an untrusted agent.
Phases : Implementation
During implementation and test, security version data should be demonstrated to be read-only and access controls should be validated.

Métodos de Detecção

Automated Dynamic Analysis

Mutability of stored security version numbers and programming with older firmware images should be part of automated testing.
Eficácia : High

Architecture or Design Review

Anti-roll-back features should be reviewed as part of Architecture or Design review.
Eficácia : High

Notas de Mapeamento de Vulnerabilidade

Justificativa : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comentário : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Padrões de Ataque Relacionados

Submissão

Modificações