CWE-1329
Reliance on Component That is Not Updateable
The product contains a component that cannot be updated or patched in order to remove vulnerabilities or significant bugs.
Mitigation
Phase: Requirements
Description:
- Specify requirements that each component should be updateable, including ROM, firmware, etc.
Mitigation
Phase: Architecture and Design
Description:
- Design the product to allow for updating of its components. Include the external infrastructure that might be necessary to support updates, such as distribution servers.
Mitigation
Phases: Architecture and Design, Implementation
Description:
- With hardware, support patches that can be programmed in-field or during manufacturing through hardware fuses. This feature can be used for limited patching of devices after shipping, or for the next batch of silicon devices manufactured, without changing the full device ROM.
Mitigation
Phase: Implementation
Description:
- Implement the necessary functionality to allow each component to be updated.
No CAPEC attack patterns related to this CWE.