logo

Security Version Number Mutable to Older Versions

Draft Base
Structure: Simple
Description

This vulnerability occurs when a hardware system's security version number can be changed, allowing an attacker to downgrade or roll back the boot firmware to older, vulnerable versions.

Extended Description

Modern System-on-Chip (SoC) designs often use a security version number to enforce secure or verified boot, preventing the installation of older firmware with known security flaws. If an attacker can modify this version counter, they can force a downgrade to a vulnerable version, opening the device to exploitation and completely bypassing the intended update protection. For protection to be effective, the security version number must be stored in a tamper-proof, persistent location that survives resets. The core weakness arises when this critical value is stored in mutable memory, allowing unauthorized roll-back attacks. In some cases, an attacker might even manipulate the version to block legitimate upgrades, creating a denial-of-service condition against security updates and leaving the SoC permanently vulnerable.
Common Consequences 1
Scope: ConfidentialityIntegrityAuthenticationAuthorization

Impact: Other

Impact includes roll-back or downgrade to a vulnerable version of the firmware or DoS (prevent upgrades).
Detection Methods 2
Automated Dynamic AnalysisHigh
Mutability of stored security version numbers and programming with older firmware images should be part of automated testing.
Architecture or Design ReviewHigh
Anti-roll-back features should be reviewed as part of Architecture or Design review.
Potential Mitigations 2
Phase: Architecture and Design
When architecting the system, security version data should be designated for storage in registers that are either read-only or have access controls that prevent modification by an untrusted agent.
Phase: Implementation
During implementation and test, security version data should be demonstrated to be read-only and access controls should be validated.
Demonstrative Examples 1
A new version of firmware is signed with a security version number higher than the previous version. During the firmware update process the SoC checks for the security version number and upgrades the SoC firmware with the latest version. This security version number is stored in persistent memory upon successful upgrade for use across power-on resets.
In general, if the security version number is mutable, the implementation is vulnerable. A mutable security version number allows an adversary to change the security version to a lower value to allow roll-back or to a higher value to prevent future upgrades.
The security version number should be stored in immutable hardware such as fuses, and the writes to these fuses should be highly access-controlled with appropriate authentication and authorization protections.
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Technologies:
Security Hardware : UndeterminedNot Technology-Specific : Undetermined
Modes of Introduction
Architecture and Design
Implementation
Related Attack Patterns
Related Weaknesses
ChildOf: Improper Authorization (CWE-285)
PeerOf: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') (CWE-757)