CWE-1242
Inclusion of Undocumented Features or Chicken Bits
Incomplete
2020-02-24
00h00 +00:00
00h00 +00:00
2025-04-03
00h00 +00:00
00h00 +00:00
Notifications pour un CWE
Restez informé de toutes modifications pour un CWE spécifique.
Nom: Inclusion of Undocumented Features or Chicken Bits
The device includes chicken bits or undocumented features that can create entry points for unauthorized actors.
Description du CWE
A common design practice is to use undocumented bits on a device that can be used to disable certain functional security features. These bits are commonly referred to as "chicken bits". They can facilitate quick identification and isolation of faulty components, features that negatively affect performance, or features that do not provide the required controllability for debug and test. Another way to achieve this is through implementation of undocumented features. An attacker might exploit these interfaces for unauthorized access.
Informations générales
Modes d'introduction
Architecture and DesignImplementation
Documentation
Plateformes applicables
Langue
Class: Not Language-Specific (Undetermined)Systèmes d’exploitation
Class: Not OS-Specific (Undetermined)Architectures
Class: Not Architecture-Specific (Undetermined)Technologies
Class: Not Technology-Specific (Undetermined)Class: ICS/OT (Undetermined)
Conséquences courantes
| Portée | Impact | Probabilité |
|---|---|---|
| Confidentiality Integrity Availability Access Control | Modify Memory, Read Memory, Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Bypass Protection Mechanism |
Mesures d’atténuation potentielles
Phases : Architecture and Design // ImplementationThe implementation of chicken bits in a released product is highly discouraged. If implemented at all, ensure that they are disabled in production devices. All interfaces to a device should be documented.
Notes de cartographie des vulnérabilités
Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Commentaire : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Modèles d'attaque associés
| CAPEC-ID | Nom du modèle d'attaque |
|---|---|
| CAPEC-212 | Functionality Misuse An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enables the adversary to gain access to unauthorized, sensitive data. |
| CAPEC-36 | Using Unpublished Interfaces or Functionality An adversary searches for and invokes interfaces or functionality that the target system designers did not intend to be publicly available. If interfaces fail to authenticate requests, the attacker may be able to invoke functionality they are not authorized for. |
Références
REF-1071
Doors of Durin: The Veiled Gate to Siemens S7 SiliconAli Abbasi, Tobias Scharnowski, Thorsten Holz.
https://i.blackhat.com/eu-19/Wednesday/eu-19-Abbasi-Doors-Of-Durin-The-Veiled-Gate-To-Siemens-S7-Silicon.pdf
REF-1072
Breakthrough Silicon Scanning Discovers Backdoor in Military ChipSergei Skorobogatov, Christopher Woods.
https://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf
REF-1073
God Mode Unlocked: Hardware Backdoors in x86 CPUsChris Domas.
https://i.blackhat.com/us-18/Thu-August-9/us-18-Domas-God-Mode-Unlocked-Hardware-Backdoors-In-x86-CPUs.pdf
REF-1074
Hardware Backdooring is PracticalJonathan Brossard.
https://media.blackhat.com/bh-us-12/Briefings/Brossard/BH_US_12_Brossard_Backdoor_Hacking_Slides.pdf
REF-1075
Security, Reliability, and BackdoorsSergei Skorabogatov.
https://www.cl.cam.ac.uk/~sps32/SG_talk_SRB.pdf
Soumission
| Nom | Organisation | Date | Date de publication | Version |
|---|---|---|---|---|
| Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi | Intel Corporation | 4.0 |
Modifications
| Nom | Organisation | Date | Commentaire |
|---|---|---|---|
| CWE Content Team | MITRE | updated Applicable_Platforms, Demonstrative_Examples, Description, Potential_Mitigations, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Applicable_Platforms | |
| CWE Content Team | MITRE | updated Relationships, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Mapping_Notes, Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Taxonomy_Mappings | |
| CWE Content Team | MITRE | updated Relationships |
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC)
sont maintenues par MITRE Corporation, et les informations sur les configurations
logicielles et matérielles (CPE) proviennent du NVD.