CWE-1284 – Improper Validation of Specified Quantity in Input
Description The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates...
CWE-1283 – Mutable Attestation or Measurement Reporting Data
Description The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary. Modes of Introduction: - Architecture...
CWE-1282 – Assumed-Immutable Data is Stored in Writable Memory
Description Immutable data, such as a first-stage bootloader, device identifiers, and "write-once" configuration settings are stored in writable memory that can be re-programmed or updated...
CWE-1281 – Sequence of Processor Instructions Leads to Unexpected Behavior
Description Specific combinations of processor instructions lead to undesirable behavior such as locking the processor until a hard reset performed. Modes of Introduction: - Architecture...
CWE-1280 – Access Control Check Implemented After Asset is Accessed
Description A product's hardware-based access control check occurs after the asset has been accessed. Modes of Introduction: - Implementation Related Weaknesses CWE-696 CWE-284...
CWE-128 – Wrap-around Error
Description Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small,...
CWE-1279 – Cryptographic Operations are run Before Supporting Units are Ready
Description Performing cryptographic operations without ensuring that the supporting inputs are ready to supply valid data may compromise the cryptographic result. Many cryptographic hardware units...
CWE-1278 – Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
Description Information stored in hardware may be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques...
CWE-1277 – Firmware Not Updateable
Description The product does not provide its users with the ability to update or patch its firmware to address any vulnerabilities or weaknesses that may...
CWE-1276 – Hardware Child Block Incorrectly Connected to Parent System
Description Signals between a hardware IP and the parent system design are incorrectly connected causing security risks. Modes of Introduction: - Implementation Related...