Base · Incomplete

CWE-1242: Inclusion of Undocumented Features or Chicken Bits

Category: other

Description

The device includes chicken bits or undocumented features that can create entry points for unauthorized actors.

Common consequences · 1

  • Confidentiality / Integrity / Availability / Access Control — Modify Memory, Read Memory, Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Bypass Protection Mechanism
    An attacker might exploit these interfaces for unauthorized access.

Potential mitigations · 1

  • [Architecture and Design, Implementation]

Related CAPEC attack patterns · 2

CAPEC-212, CAPEC-36

References

  1. https://cwe.mitre.org/data/definitions/1242.html

Exploits (incoming) · 2

Type | Target | Confidence | Tier
AttackPattern | Functionality Misuse (capec-212) | 100% | live
AttackPattern | Using Unpublished Interfaces or Functionality (capec-36) | 100% | live

(incoming) · 3

Type | Target | Confidence | Tier
Vulnerability | CVE-2025-12176 (cve-2025-12176) | 0% | live
Vulnerability | CVE-2025-41756 (cve-2025-41756) | 0% | live
Vulnerability | CVE-2025-55050 (cve-2025-55050) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Missing Security-Relevant Feedback for Unexecuted Operations in Hardware Interface
  • CWE: Security-Sensitive Hardware Controls with Missing Lock Bit Protection
  • CWE: Improper Restriction of Software Interfaces to Hardware Features
  • CWE: Improper Protection against Electromagnetic Fault Injection (EM-FI)
  • CWE: Internal Asset Exposed to Unsafe Debug Access Level or State
  • CWE: Exposure of Sensitive Information to an Unauthorized Actor

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.