CWE-1224 – Improper Restriction of Write-Once Bit Fields
Description: The hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software. Modes of...
CWE-1223 – Race Condition for Write-Once Attributes
Description: A write-once register in hardware design is programmable by an untrusted software component earlier than the trusted software component, resulting in a race condition...
CWE-1222 – Insufficient Granularity of Address Regions Protected by Register Locks
Description: The product defines a large address region protected from modification by the same register lock control bit. This results in a conflict between the...
CWE-1221 – Incorrect Register Defaults or Module Parameters
Description: Hardware description language code incorrectly defines register defaults or hardware IP parameters to insecure values. Modes of Introduction: - Implementation Related Weaknesses...
CWE-1220 – Insufficient Granularity of Access Control
Description: The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets...
CWE-122 – Heap-based Buffer Overflow
Description: A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally...
CWE-121 – Stack-based Buffer Overflow
Description: A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or,...
CWE-1209 – Failure to Disable Reserved Bits
Description: The reserved bits in a hardware design are not disabled prior to production. Typically, reserved bits are used for future capabilities and should not...
CWE-1204 – Generation of Weak Initialization Vector (IV)
Description: The product uses a cryptographic primitive that uses an Initialization Vector (IV), but the product does not generate IVs that are sufficiently unpredictable or...
CWE-120 – Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’)
Description: The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size...