CWE-1233
Security-Sensitive Hardware Controls with Missing Lock Bit Protection
The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration.
Mitigation
Phases: Architecture and Design, Implementation, Testing
Description:
- Security lock bit protections must be reviewed for design inconsistency and common weaknesses.
- Security lock programming flow and lock properties must be tested in pre-silicon and post-silicon testing.
CAPEC-176: Configuration/Environment Manipulation
An attacker manipulates files or settings external to a target application which affect the behavior of that application. For example, many applications use external configuration files and libraries - modification of these entities or otherwise affecting the application's ability to use them would constitute a configuration/environment manipulation attack.
CAPEC-680: Exploitation of Improperly Controlled Registers
An adversary exploits missing or incorrectly configured access control within registers to read/write data that is not meant to be obtained or modified by a user.