CAPEC-680

Exploitation of Improperly Controlled Registers
Medium
High
Draft
2021-10-21
00h00 +00:00

CAPEC Descriptions

An adversary exploits missing or incorrectly configured access control within registers to read/write data that is not meant to be obtained or modified by a user.

CAPEC Information

Prerequisites

Awareness of the hardware being leveraged.
Access to the hardware being leveraged.

Skills Required

Intricate knowledge of registers.

Mitigations

Design proper access control policies for hardware register access from software and ensure these policies are implemented in accordance with the specified design.
Ensure security lock bit protections are reviewed for design inconsistencies and common weaknesses.
Test security lock programming flow in both pre-silicon and post-silicon environments.
Leverage automated tools to test that values are not reprogrammable and that write-once fields lock on writing zeros.
Ensure that measurement data is stored in registers that are read-only or otherwise have access controls that prevent modification by an untrusted agent.
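
The automated write-once check named in the mitigations above, as an added example (not CAPEC's or any vendor's code): a software model of a register with a flawed and a correct lock latch, tested to confirm that a first write of zero still locks the field. The 16-bit width, the model and all function names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a 16-bit write-once register; not real hardware. */
typedef struct { uint16_t value; bool locked; } wo_reg_t;
typedef void (*write_fn)(wo_reg_t *, uint16_t);

/* Flawed latch: lock is derived from the written data, so writing 0 never locks. */
void write_flawed(wo_reg_t *r, uint16_t data) {
    if (r->locked) return;
    r->value = data;
    r->locked = (data != 0);
}

/* Correct latch: the first write locks the field whatever value was written. */
void write_correct(wo_reg_t *r, uint16_t data) {
    if (r->locked) return;
    r->value = data;
    r->locked = true;
}

/* Counts (first, second) write pairs after reset where the second write
   changed the value, i.e. the field was reprogrammable. 0 means it held. */
int count_violations(write_fn wr) {
    static const uint16_t first[]  = { 0x0000, 0x0001, 0x8000, 0xFFFF };
    static const uint16_t second[] = { 0x0000, 0x5A5A, 0xFFFF };
    int violations = 0;
    for (size_t i = 0; i < sizeof first / sizeof first[0]; i++) {
        for (size_t j = 0; j < sizeof second / sizeof second[0]; j++) {
            wo_reg_t r = { 0, false };          /* state after reset */
            wr(&r, first[i]);
            wr(&r, second[j]);
            if (r.value != first[i]) {
                printf("reprogrammed: 0x%04X -> 0x%04X\n",
                       (unsigned)first[i], (unsigned)r.value);
                violations++;
            }
        }
    }
    return violations;
}

int main(void) {
    printf("flawed latch:  %d violation(s)\n", count_violations(write_flawed));
    printf("correct latch: %d violation(s)\n", count_violations(write_correct));
    return 0;
}
```

The same loop can drive a pre-silicon simulation or a post-silicon register accessor by substituting the write function and adding a reset between pairs.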

Related Weaknesses

CWE-ID Weakness Name

CWE-1224

Improper Restriction of Write-Once Bit Fields
The hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software.

CWE-1231

Improper Prevention of Lock Bit Modification
The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set.

CWE-1233

Security-Sensitive Hardware Controls with Missing Lock Bit Protection
The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration.

CWE-1262

Improper Access Control for Register Interface
The product uses memory-mapped I/O registers that act as an interface to hardware functionality from software, but there is improper access control to those registers.

CWE-1283

Mutable Attestation or Measurement Reporting Data
The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary.

References

REF-693

Huge Intel CPU Bug Allegedly Causes Kernel Memory Vulnerability With Up To 30% Performance Hit In Windows And Linux
Brandon Hill.
https://hothardware.com/news/intel-cpu-bug-kernel-memory-isolation-linux-windows-macos

Submission

Name Organization Date Date release
CAPEC Content Team The MITRE Corporation 2021-10-21 +00:00