Base · Incomplete

CWE-1224: Improper Restriction of Write-Once Bit Fields

Category: other

Description

The hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software.

Common consequences · 1

  • Confidentiality / Integrity / Availability / Access Control — Varies by Context
    System configuration cannot be programmed in a secure way.

Potential mitigations · 1

  • [Architecture and Design] During hardware design, all register write-once or sticky fields must be evaluated for proper configuration.

Related CAPEC attack patterns · 1

CAPEC-680

References

  1. https://cwe.mitre.org/data/definitions/1224.html

Exploits (incoming) · 1

Type | Target | Confidence | Tier
AttackPattern | Exploitation of Improperly Controlled Registers (capec-680) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Improper Prevention of Lock Bit Modification
  • CWE: Insufficient Granularity of Address Regions Protected by Register Locks
  • CWE: Improper Access Control for Register Interface
  • CWE: Improper Write Handling in Limited-write Non-Volatile Memories
  • CWE: Improper Lock Behavior After Power State Transition
  • CWE: Security-Sensitive Hardware Controls with Missing Lock Bit Protection

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.