BaseStable

CWE-1233Security-Sensitive Hardware Controls with Missing Lock Bit Protection

Category: data-exposure

Description

The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration.

Common consequences· 1

  • Access Control — Modify Memory
    System Configuration protected by the lock bit can be modified even when the lock is set.

Potential mitigations· 1

  • [Architecture and Design, Implementation, Testing]

Related CAPEC attack patterns· 2

CAPEC-176CAPEC-680

References

  1. https://cwe.mitre.org/data/definitions/1233.html

Exploits (incoming)2

TypeTargetConfidenceTier
AttackPatternExploitation of Improperly Controlled Registerscapec-680100%live
AttackPatternConfiguration/Environment Manipulationcapec-176100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Prevention of Lock Bit Modification
CWE
Improper Access Control for Register Interface
CWE
Insufficient Granularity of Address Regions Protected by Register Locks
CWE
Improper Restriction of Software Interfaces to Hardware Features
CWE
Exposed IOCTL with Insufficient Access Control
CWE
Improper Access Control for Volatile Memory Containing Boot Code
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.