CWE-1234

Hardware Internal or Debug Modes Allow Override of Locks

System configuration protection may be bypassed during debug mode.

Mitigation

Phases: Architecture and Design, Implementation, Testing

Description:

Security Lock bit protections should be reviewed for any bypass/override modes supported.
Any supported override modes either should be removed or protected using authenticated debug modes.
Security lock programming flow and lock properties should be tested in pre-silicon and post-silicon testing.

CAPEC-176: Configuration/Environment Manipulation

An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.

Back to CWE stats page