Description
The product performs a power save/restore
operation, but it does not ensure that the integrity of
the configuration state is maintained and/or verified between
the beginning and ending of the operation.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality, Integrity: DoS: Instability, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (Other), Gain Privileges or Assume Identity, Bypass Protection Mechanism, Alter Execution Logic, Quality Degradation, Unexpected State, Reduce Maintainability, Reduce Performance, Reduce Reliability
Potential Mitigations
Phase: Architecture and Design
Description:
Inside the IP, incorporate integrity checking
on the configuration state via a cryptographic
hash. The hash can be protected inside the IP such as
by storing it in internal registers which never lose
power. Before powering down, the IP performs a hash of
the configuration and saves it in these persistent
registers. Upon restore, the IP performs a hash of the
saved configuration and compares it with the
saved hash. If they do not match, then the IP should
not trust the configuration.
Phase: Integration
Description:
Outside the IP, incorporate integrity checking
of the configuration state via a trusted agent. Before
powering down, the trusted agent performs a hash of the
configuration and saves the hash in persistent storage.
Upon restore, the IP requests the trusted agent
validate its current configuration. If the
configuration hash is invalid, then the IP should not
trust the configuration.
Phase: Integration
Description:
Outside the IP, incorporate a protected
environment that prevents undetected modification of
the configuration state by untrusted agents. Before
powering down, a trusted agent saves the IP’s
configuration state in this protected location that
only it is privileged to. Upon restore, the trusted
agent loads the saved state into the IP.
CVE References
More Stories
The Most Dangerous Vulnerabilities in Apache Tomcat and How to Protect Against Them
Apache Tomcat is an open-source web server and servlet container that is widely used in enterprise environments to run Java...
ZDI-CAN-18333: A Critical Zero-Day Vulnerability in Microsoft Windows
Zero-day vulnerabilities are a serious threat to cybersecurity, as they can be exploited by malicious actors to gain unauthorized access...
CWE-669 – Incorrect Resource Transfer Between Spheres
Description The product does not properly transfer a resource/behavior to another sphere, or improperly imports a resource/behavior from another sphere,...
CWE-67 – Improper Handling of Windows Device Names
Description The software constructs pathnames from user input, but it does not handle or incorrectly handles a pathname containing a...
CWE-670 – Always-Incorrect Control Flow Implementation
Description The code contains a control flow path that does not reflect the algorithm that the path is intended to...
CWE-671 – Lack of Administrator Control over Security
Description The product uses security features in a way that prevents the product's administrator from tailoring security settings to reflect...