Weaknesses in this category are related to improper design of full-system security flows, including but not limited to secure boot, secure update, and hardware-device attestation.
| ID | Name | Description |
|---|---|---|
| CWE-1190 | DMA Device Enabled Too Early in Boot Phase | This vulnerability occurs when a device with Direct Memory Access (DMA) capability is activated before the system's security settings are fully locked in during the boot process. This oversight can let an attacker bypass normal protections to read sensitive data from memory or escalate their privileges on the system. |
| CWE-1193 | Power-On of Untrusted Execution Core Before Enabling Fabric Access Control | This vulnerability occurs when a system powers up hardware components containing untrusted firmware before establishing critical security controls for the system's internal communication pathways and memory. |
| CWE-1264 | Hardware Logic with Insecure De-Synchronization between Control and Data Channels | This vulnerability occurs when a hardware design forwards data before the security or permission checks that govern it have completed. It is a timing flaw in which the data channel runs ahead of the control channel, so information can leak before the access decision is made. |
| CWE-1274 | Improper Access Control for Volatile Memory Containing Boot Code | This vulnerability occurs when a system's secure-boot process loads bootloader code into volatile memory (like DRAM or SRAM) but fails to properly lock down that memory region afterward. Without strong access controls, an attacker can modify the boot code in memory, bypassing secure boot and running malicious software. |
| CWE-1283 | Mutable Attestation or Measurement Reporting Data | This vulnerability occurs when the hardware registers storing boot integrity measurements can be altered by an attacker, allowing them to forge verification data and hide a compromised boot process. |
| CWE-1310 | Missing Ability to Patch ROM Code | This vulnerability occurs when a system or System-on-Chip (SoC) lacks a mechanism to update its initial boot code stored in Read-Only Memory (ROM), permanently exposing devices to unfixable security vulnerabilities. |
| CWE-1326 | Missing Immutable Root of Trust in Hardware | This vulnerability occurs when a hardware chip lacks a permanent, unchangeable root of trust. Without this immutable foundation, attackers can bypass secure boot protections and run unauthorized or malicious code during the system startup process. |
| CWE-1328 | Security Version Number Mutable to Older Versions | This vulnerability occurs when a hardware system's security version number can be changed, allowing an attacker to downgrade or roll back the boot firmware to older, vulnerable versions. |
| CWE-1194 | Hardware Design | This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectives of designers, manufacturers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |