CWE-1320 – Improper Protection for Out of Bounds Signal Level Alerts

Read Time:25 Second

Description

Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-284

 

Consequences

Availability: DoS: Instability, DoS: Crash, Exit, or Restart, Reduce Reliability, Unexpected State

 

Potential Mitigations

Phase: Architecture and Design

Description: 

Alert signals generated by critical events should be protected from access by untrusted agents. Only hardware or trusted firmware modules should be able to alter the alert configuration.

CVE References