CWE-1231 Detail

CWE-1231

Name

Improper Prevention of Lock Bit Modification

Status

Stable

Published

2020-02-24
00h00 +00:00

Modified

2023-10-26
00h00 +00:00

Official links

CWE Mitre.org

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Notifications manage

List of Notifications

Notifications for a CWE

Stay informed of any changes for a specific CWE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CWE ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Name: Improper Prevention of Lock Bit Modification

The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set.

CWE Description

In integrated circuits and hardware intellectual property (IP) cores, device configuration controls are commonly programmed after a device power reset by a trusted firmware or software module (e.g., BIOS/bootloader) and then locked from any further modification.

This behavior is commonly implemented using a trusted lock bit. When set, the lock bit disables writes to a protected set of registers or address regions. Design or coding errors in the implementation of the lock bit protection feature may allow the lock bit to be modified or cleared by software after it has been set. Attackers might be able to unlock the system and features that the bit is intended to protect.

General Informations

Modes Of Introduction

Architecture and Design : Such issues could be introduced during hardware architecture and design and identified later during Testing or System Configuration phases.
Implementation : Such issues could be introduced during implementation and identified later during Testing or System Configuration phases.

Applicable Platforms

Language

Class: Not Language-Specific (Undetermined)

Operating Systems

Class: Not OS-Specific (Undetermined)

Architectures

Class: Not Architecture-Specific (Undetermined)

Technologies

Class: Not Technology-Specific (Undetermined)

Common Consequences

Scope	Impact	Likelihood
Access Control	Modify Memory Note: Registers protected by lock bit can be modified even when lock is set.	High

Observed Examples

References	Description
CVE-2017-6283	chip reset clears critical read/write lock permissions for RSA function

Potential Mitigations

Phases : Architecture and Design // Implementation // Testing

Security lock bit protections must be reviewed for design inconsistency and common weaknesses.
Security lock programming flow and lock properties must be tested in pre-silicon and post-silicon testing.

Detection Methods

Manual Analysis

Set the lock bit. Power cycle the device. Attempt to clear the lock bit. If the information is changed, implement a design fix. Retest. Also, attempt to indirectly clear the lock bit or bypass it.
Effectiveness : High

Vulnerability Mapping Notes

Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

Related Attack Patterns

CAPEC-ID	Attack Pattern Name
CAPEC-680	Exploitation of Improperly Controlled Registers An adversary exploits missing or incorrectly configured access control within registers to read/write data that is not meant to be obtained or modified by a user.

References

REF-1350

reglk_wrapper.sv
https://github.com/HACK-EVENT/hackatdac21/blob/b9ecdf6068445d76d6bee692d163fededf7a9d9b/piton/design/chip/tile/ariane/src/reglk/reglk_wrapper.sv#L80C1-L80C48

REF-1351

fix cwe 1199 in reglk
https://github.com/HACK-EVENT/hackatdac21/commit/5928add42895b57341ae8fc1f9b8351c35aed865#diff-1c2b09dd092a56e5fb2be431a3849e72ff489d2ae4f4a6bb9c0ea6b7d450135aR80

Submission

Name	Organization	Date	Date release	Version
Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi	Intel Corporation	2020-01-15 +00:00	2020-02-24 +00:00	4.0

Modifications

Name	Organization	Date	Comment
CWE Content Team	MITRE	2020-06-25 +00:00	updated Demonstrative_Examples
CWE Content Team	MITRE	2020-08-20 +00:00	updated Related_Attack_Patterns
CWE Content Team	MITRE	2021-10-28 +00:00	updated Demonstrative_Examples, Description, Detection_Factors, Name, Observed_Examples, Potential_Mitigations, Relationships, Weakness_Ordinalities
CWE Content Team	MITRE	2022-04-28 +00:00	updated Related_Attack_Patterns, Relationships
CWE Content Team	MITRE	2023-04-27 +00:00	updated Relationships
CWE Content Team	MITRE	2023-06-29 +00:00	updated Mapping_Notes
CWE Content Team	MITRE	2023-10-26 +00:00	updated Demonstrative_Examples, References