Read Time:31 Second

Description

A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-693

 

Consequences

Authentication, Authorization: Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands, Modify Memory

 

Potential Mitigations

Phase: Architecture and Design

Description: 

When architecting the system, the RoT should be designated for storage in a memory that does not allow further programming/writes.

Phase: Implementation

Description: 

During implementation and test, the RoT memory location should be demonstrated to not allow further programming/writes.

CVE References