CWE-1288 – Improper Validation of Consistency within Input
Description The product receives a complex input with multiple elements or fields that must be consistent with each other, but it does not validate or...
CWE-1287 – Improper Validation of Specified Type of Input
Description The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input...
CWE-1286 – Improper Validation of Syntactic Correctness of Input
Description The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate...
CWE-1285 – Improper Validation of Specified Index, Position, or Offset in Input
Description The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file,...
CWE-1284 – Improper Validation of Specified Quantity in Input
Description The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates...
CWE-1283 – Mutable Attestation or Measurement Reporting Data
Description The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary. Modes of Introduction: - Architecture...
CWE-1282 – Assumed-Immutable Data is Stored in Writable Memory
Description Immutable data, such as a first-stage bootloader, device identifiers, and "write-once" configuration settings are stored in writable memory that can be re-programmed or updated...
CWE-1281 – Sequence of Processor Instructions Leads to Unexpected Behavior
Description Specific combinations of processor instructions lead to undesirable behavior such as locking the processor until a hard reset performed. Modes of Introduction: - Architecture...
CWE-1280 – Access Control Check Implemented After Asset is Accessed
Description A product's hardware-based access control check occurs after the asset has been accessed. Modes of Introduction: - Implementation Related Weaknesses CWE-696 CWE-284...
CWE-128 – Wrap-around Error
Description Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small,...
