Category: General Circuit and Logic Design Concerns
Draft
Summary
Weaknesses in this category are related to hardware-circuit design and logic (e.g., CMOS transistors, finite state machines, and registers) as well as issues related to hardware description languages such as System Verilog and VHDL.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-1209 | Failure to Disable Reserved Bits | The reserved bits in a hardware design are not disabled prior to production. Typically, reserved bits are used for future capabilities and should not support any functional logic in the design. However, designers might covertly use these bits to debug or further develop new capabilities in production hardware. Adversaries with access to these bits will write to them in hopes of compromising hardware state. |
| CWE-1221 | Incorrect Register Defaults or Module Parameters | Hardware description language code incorrectly defines register defaults or hardware Intellectual Property (IP) parameters to insecure values. |
| CWE-1223 | Race Condition for Write-Once Attributes | A write-once register in hardware design is programmable by an untrusted software component earlier than the trusted software component, resulting in a race condition issue. |
| CWE-1224 | Improper Restriction of Write-Once Bit Fields | The hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software. |
| CWE-1231 | Improper Prevention of Lock Bit Modification | The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set. |
| CWE-1232 | Improper Lock Behavior After Power State Transition | Register lock bit protection disables changes to system configuration once the bit is set. Some of the protected registers or lock bits become programmable after power state transitions (e.g., Entry and wake from low power sleep modes) causing the system configuration to be changeable. |
| CWE-1233 | Security-Sensitive Hardware Controls with Missing Lock Bit Protection | The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration. |
| CWE-1234 | Hardware Internal or Debug Modes Allow Override of Locks | System configuration protection may be bypassed during debug mode. |
| CWE-1245 | Improper Finite State Machines (FSMs) in Hardware Logic | Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim's system. |
| CWE-1250 | Improper Preservation of Consistency Between Independent Representations of Shared State | The product has or supports multiple distributed components or sub-systems that are each required to keep their own local copy of shared data - such as state or cache - but the product does not ensure that all local copies remain consistent with each other. |
| CWE-1253 | Incorrect Selection of Fuse Values | The logic level used to set a system to a secure state relies on a fuse being unblown. An attacker can set the system to an insecure state merely by blowing the fuse. |
| CWE-1254 | Incorrect Comparison Logic Granularity | The product's comparison logic is performed over a series of steps rather than across the entire string in one operation. If there is a comparison logic failure on one of these steps, the operation may be vulnerable to a timing attack that can result in the interception of the process for nefarious purposes. |
| CWE-1261 | Improper Handling of Single Event Upsets | The hardware logic does not effectively handle when single-event upsets (SEUs) occur. |
| CWE-1298 | Hardware Logic Contains Race Conditions | A race condition in the hardware logic results in undermining security guarantees of the system. |
| CWE-1194 | Hardware Design | This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectives of designers, manufacturers, educators, and assessment vendors. It provides a variety of categories that are intended to simplify navigation, browsing, and mapping. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.