BaseIncomplete

CWE-1283Mutable Attestation or Measurement Reporting Data

Category: other

Description

The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary.

Common consequences· 1

Confidentiality — Read Memory, Read Application Data

Potential mitigations· 1

[Architecture and Design]

Related CAPEC attack patterns· 1

References

https://cwe.mitre.org/data/definitions/1283.html

Exploits (incoming)1

Type	Target	Confidence	Tier
AttackPattern	Exploitation of Improperly Controlled Registerscapec-680	100%	live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Missing Immutable Root of Trust in Hardware

Incorrect Register Defaults or Module Parameters

Security Version Number Mutable to Older Versions

Improper Restriction of Write-Once Bit Fields

Improper Prevention of Lock Bit Modification

Assumed-Immutable Data is Stored in Writable Memory

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.