Base · Incomplete

CWE-1221: Incorrect Register Defaults or Module Parameters

Category: config

Description

Hardware description language code incorrectly defines register defaults or hardware Intellectual Property (IP) parameters to insecure values.

Common consequences · 1

  • Confidentiality / Integrity / Availability / Access Control — Varies by Context
    Degradation of system functionality or loss of access control enforcement can occur.

Potential mitigations · 2

  • [Architecture and Design] During hardware design, all the system parameters and register defaults must be reviewed to identify security-sensitive settings.
  • [Implementation] The default values of these security-sensitive settings need to be defined as part of the design review phase.

Related CAPEC attack patterns · 1

CAPEC-166

References

  1. https://cwe.mitre.org/data/definitions/1221.html

Exploits (incoming) · 1

Type | Target | Confidence | Tier
AttackPattern | Force the System to Reset Values (capec-166) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Uninitialized Value on Reset for Registers Holding Security Settings
  • CWE: Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
  • CWE: Improper Restriction of Write-Once Bit Fields
  • CWE: Failure to Disable Reserved Bits
  • CWE: Insufficient Granularity of Address Regions Protected by Register Locks
  • CWE: Improper Prevention of Lock Bit Modification

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.