CWE

Common Weakness Enumeration

A community-developed list of software and hardware weakness types

CWE - Individual Dictionary Definition (4.10)

CWE-1231: Improper Prevention of Lock Bit Modification

Weakness ID: 1231
Abstraction:Base
Structure:Simple
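+Description
The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set.
+Extended Description

In integrated circuits and hardware intellectual property (IP) cores, device configuration controls are commonly programmed after a device power reset by a trusted firmware or software module (e.g., BIOS/bootloader) and then locked from any further modification.

This behavior is commonly implemented using a trusted lock bit. When set, the lock bit disables writes to a protected set of registers or address regions. Design or coding errors in the implementation of the lock bit protection feature may allow the lock bit to be modified or cleared by software after it has been set. Attackers might be able to unlock the system and features that the bit is intended to protect.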

+Relationships
+Relevant to the view "Research Concepts" (CWE-1000)
Nature | Type | ID | Name
ChildOf | Pillar | 284 | Improper Access Control
+Relevant to the view "Hardware Design" (CWE-1194)
Nature | Type | ID | Name
MemberOf | Category | 1199 | General Circuit and Logic Design Concerns
+Modes Of Introduction
Phase | Note
Architecture and Design | Such issues could be introduced during hardware architecture and design and identified later during Testing or System Configuration phases.
Implementation | Such issues could be introduced during implementation and identified later during Testing or System Configuration phases.
+Applicable Platforms

Languages

Class: Not Language-Specific(Undetermined Prevalence)

Operating Systems

Class: Not OS-Specific(Undetermined Prevalence)

Architectures

Class: Not Architecture-Specific (Undetermined Prevalence)

Technologies

Class: Not Technology-Specific (Undetermined Prevalence)

+Common Consequences
Scope | Impact | Likelihood
Access Control | Technical Impact: Modify Memory. Registers protected by the lock bit can be modified even when the lock is set. | High
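+Demonstrative Examples

Example 1

Consider the example design below for a digital thermal sensor that detects overheating of the silicon and triggers system shutdown. The system critical temperature limit (CRITICAL_TEMP_LIMIT) and thermal sensor calibration (TEMP_SENSOR_CALIB) data have to be programmed by firmware, and then the registers need to be locked (TEMP_SENSOR_LOCK).

(bad code)
Example Language: Other
Register | Field description
CRITICAL_TEMP_LIMIT | [31:8] Reserved field; Read only; Default 0
                    | [7:0] Critical temperature 0-255 Centigrade; Read-write-lock; Default 125
TEMP_SENSOR_CALIB   | [31:0] Thermal sensor calibration data. Slope value used to map sensor reading to degrees.
TEMP_SENSOR_LOCK    | [31:1] Reserved field; Read only; Default 0
                    | [0] Lock bit, locks CRITICAL_TEMP_LIMIT and TEMP_SENSOR_CALIB registers; Write-1-once; Default 0
TEMP_HW_SHUTDOWN    | [31:2] Reserved field; Read only; Default 0
                    | [1] Enable hardware shutdown on critical temperature detection; Read-write; Default 0
CURRENT_TEMP        | [31:8] Reserved field; Read only; Default 0
                    | [7:0] Current temperature 0-255 Centigrade; Read only; Default 0

In this example, note that if the system heats to the critical temperature, the response of the system is controlled by TEMP_HW_SHUTDOWN bit [1], which is not lockable. Thus, the intended security property of the critical temperature sensor cannot be fully protected: even after the lock bit is set, software can misconfigure the TEMP_HW_SHUTDOWN register to disable the shutdown response.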

(good code)

To fix this weakness, one could change the TEMP_HW_SHUTDOWN field to be locked by TEMP_SENSOR_LOCK.

TEMP_HW_SHUTDOWN    | [31:2] Reserved field; Read only; Default 0
                    | [1] Enable hardware shutdown on critical temperature detection; Read-write-Lock; Default 0
                    | [0] Locked by TEMP_SENSOR_LOCK
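
The register maps above can be checked with a small behavioral model. The following C code is an added example, not part of the CWE entry: it models the write-decode logic of the four writable registers and rewrites every register after the lock bit is set, reporting which ones still change. The type `thermal_ip`, the functions `ip_reset`, `ip_write` and `post_lock_violations`, and the flag `shutdown_lockable` are hypothetical names chosen for this illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Register indices for the thermal sensor in the example above. */
enum { CRITICAL_TEMP_LIMIT, TEMP_SENSOR_CALIB, TEMP_SENSOR_LOCK,
       TEMP_HW_SHUTDOWN, NUM_REGS };

typedef struct {
    uint32_t reg[NUM_REGS];
    bool shutdown_lockable; /* assumption: false = "bad" map, true = fixed map */
} thermal_ip;

/* Power-on reset: defaults taken from the register table. */
static void ip_reset(thermal_ip *ip, bool shutdown_lockable) {
    for (int i = 0; i < NUM_REGS; i++) ip->reg[i] = 0;
    ip->reg[CRITICAL_TEMP_LIMIT] = 125;
    ip->shutdown_lockable = shutdown_lockable;
}

/* Write-decode logic: only bits in wmask are writable right now.
   Returns true if the register value changed. */
static bool ip_write(thermal_ip *ip, int r, uint32_t v) {
    if (r < 0 || r >= NUM_REGS) return false;
    bool locked = (ip->reg[TEMP_SENSOR_LOCK] & 1u) != 0;
    uint32_t old = ip->reg[r], wmask = 0;
    switch (r) {
    case CRITICAL_TEMP_LIMIT: wmask = locked ? 0 : 0xFFu; break;
    case TEMP_SENSOR_CALIB:   wmask = locked ? 0 : 0xFFFFFFFFu; break;
    case TEMP_SENSOR_LOCK:    wmask = ~old & 1u; break; /* write-1-once */
    case TEMP_HW_SHUTDOWN:    /* bit [1]; lockable only in the fixed map */
        wmask = (locked && ip->shutdown_lockable) ? 0 : 0x2u; break;
    }
    ip->reg[r] = (old & ~wmask) | (v & wmask);
    return ip->reg[r] != old;
}

/* Firmware programs and locks the sensor, then every register is rewritten
   with the complement of its value. Returns a bitmask of changed registers. */
unsigned post_lock_violations(bool shutdown_lockable) {
    thermal_ip ip;
    unsigned mask = 0;
    ip_reset(&ip, shutdown_lockable);
    ip_write(&ip, TEMP_HW_SHUTDOWN, 0x2u); /* enable hardware shutdown */
    ip_write(&ip, TEMP_SENSOR_LOCK, 1u);   /* set the lock bit */
    for (int r = 0; r < NUM_REGS; r++)
        if (ip_write(&ip, r, ~ip.reg[r])) mask |= 1u << r;
    return mask;
}
```

With the "bad" map the returned mask has only the TEMP_HW_SHUTDOWN bit set; with the fixed map it is zero, and the lock bit itself cannot be cleared in either case.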
+Observed Examples
Reference | Description
chip reset clears critical read/write lock permissions for RSA function
+Potential Mitigations

Phases: Architecture and Design; Implementation; Testing

  • Security lock bit protections must be reviewed for design inconsistency and common weaknesses.
  • Security lock programming flow and lock properties must be tested in pre-silicon and post-silicon testing.

Effectiveness: High

+Weakness Ordinalities
Ordinality | Description
Primary | (where the weakness exists independent of other weaknesses)
+Detection Methods

Manual Analysis

Set the lock bit. Power cycle the device. Attempt to clear the lock bit. If the information is changed, implement a design fix. Retest. Also, attempt to indirectly clear the lock bit or bypass it.

Effectiveness: High

+Memberships
Nature | Type | ID | Name
MemberOf | View | 1343 | Weaknesses in the 2021 CWE Most Important Hardware Weaknesses List
MemberOf | Category | 1372 | ICS Supply Chain: OT Counterfeit and Malicious Corruption
+Content History
+Submissions
Submission Date | Submitter | Organization
2020-01-15 | Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi | Intel Corporation
+Contributions
Contribution Date | Contributor | Organization
2021-10-20 | Narasimha Kumar V Mangipudi | Lattice Semiconductor
reviewed content changes
2021-10-22 | Hareesh Khattri | Intel Corporation
provided observed example
+Modifications
Modification Date | Modifier | Organization
2020-06-25 | CWE Content Team | MITRE
updated Demonstrative_Examples
2020-08-20 | CWE Content Team | MITRE
updated Related_Attack_Patterns
2021-10-28 | CWE Content Team | MITRE
updated Demonstrative_Examples, Description, Detection_Factors, Name, Observed_Examples, Potential_Mitigations, Relationships, Weakness_Ordinalities
2022-04-28 | CWE Content Team | MITRE
updated Related_Attack_Patterns, Relationships
+Previous Entry Names
Change Date | Previous Entry Name
2021-10-28 | Improper Implementation of Lock Protection Registers
Page Last Updated: January 31, 2023