Missing Write Protection for Parametric Data Values
This vulnerability occurs when a hardware device fails to protect the scaling parameters used to convert raw sensor readings. Untrusted software can alter these conversion factors, making dangerous conditions appear safe and potentially leading to hardware damage or system failure.
Hardware systems use sensors to monitor critical limits for temperature, power, voltage, and other operational parameters. Trusted firmware like the BIOS typically sets and protects these safety thresholds. However, the raw data from sensors often needs to be scaled using conversion parameters to produce meaningful values (like degrees Celsius or volts). The core issue is that while the final safety limits are often locked down, these underlying scaling factors are left exposed and writable. By manipulating these unprotected scaling parameters, an attacker can distort the sensor's reported values. For example, they could make a dangerously high temperature appear within a normal range. This bypasses the intended safety checks, allowing the system to operate outside its safe design limits, which can cause physical damage to components or lead to a complete operational failure.
Impact: Quality DegradationDoS: Resource Consumption (Other)
Sensor value manipulation, particularly thermal or power, may allow physical damage to occur or disabling of the device by a false fault shutdown causing a Denial-Of-Service.
Effectiveness: High
Code Example:
The sensor frequency value is scaled by applying the function:
otherwhere a and b are the programmable calibration data coefficients. Software sets a and b to zero ensuring the sensed temperature is always zero.
Code Example:
The sensor frequency value is scaled by applying the function:
otherwhere a and b are the programmable calibration data coefficients. Untrusted software is prevented from changing the values of either a or b, preventing this method of manipulating the temperature.