BaseIncomplete

CWE-1223Race Condition for Write-Once Attributes

Category: logic

Description

A write-once register in hardware design is programmable by an untrusted software component earlier than the trusted software component, resulting in a race condition issue.

Common consequences· 1

  • Access Control — Bypass Protection Mechanism
    System configuration cannot be programmed in a secure way.

Potential mitigations· 1

  • [Architecture and Design]During hardware design, all register write-once or sticky fields must be evaluated for proper configuration.

Related CAPEC attack patterns· 1

CAPEC-26

References

  1. https://cwe.mitre.org/data/definitions/1223.html

Exploits (incoming)1

TypeTargetConfidenceTier
AttackPatternLeveraging Race Conditionscapec-26100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Restriction of Write-Once Bit Fields
CWE
Hardware Logic Contains Race Conditions
CWE
Incorrect Register Defaults or Module Parameters
CWE
Write-what-where Condition
CWE
Race Condition within a Thread
CWE
Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.