BaseIncomplete

CWE-1209Failure to Disable Reserved Bits

Category: other

Description

The reserved bits in a hardware design are not disabled prior to production. Typically, reserved bits are used for future capabilities and should not support any functional logic in the design. However, designers might covertly use these bits to debug or further develop new capabilities in production hardware. Adversaries with access to these bits will write to them in hopes of compromising hardware state.

Common consequences· 1

  • Confidentiality / Integrity / Availability / Access Control / Accountability / Authentication / Authorization / Non-Repudiation — Varies by Context
    This type of weakness all depends on the capabilities of the logic being controlled or configured by the reserved bits.

Potential mitigations· 2

  • [Architecture and Design, Implementation]
  • [Integration]

Related CAPEC attack patterns· 1

CAPEC-121

References

  1. https://cwe.mitre.org/data/definitions/1209.html

Exploits (incoming)1

TypeTargetConfidenceTier
AttackPatternExploit Non-Production Interfacescapec-121100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Incorrect Register Defaults or Module Parameters
CWE
Improper Restriction of Write-Once Bit Fields
CWE
Improper Prevention of Lock Bit Modification
CWE
Improper Finite State Machines (FSMs) in Hardware Logic
CWE
Improper Zeroization of Hardware Register
CWE
Missing Protection Mechanism for Alternate Hardware Interface
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.