CWE-1222: Insufficient Granularity of Address Regions Protected by Register Locks

CWE Version: 4.18

Last Updated: 2025-09-09

Weakness Description

The product defines a large address region protected from modification by the same register lock control bit. This results in a conflict between the functional requirement that some addresses need to be writable by software during operation and the security requirement that the system configuration lock bit must be set during the boot process.
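The conflict described above can be modeled in a few lines of C. This is an added example, not part of the CWE entry: the two-register map, the SYS_LOCK and AUX_LOCK bit names, and all values are hypothetical and constructed for illustration. It compares a coarse design, where one lock bit guards the whole region, with a fine-grained design where the runtime register has its own lock bit.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed two-register map; names and values are hypothetical. */
enum { REG_SEC_CFG, REG_RUNTIME_LIMIT, REG_COUNT };
#define SYS_LOCK (1u << 0)  /* system configuration lock bit */
#define AUX_LOCK (1u << 1)  /* separate lock bit, fine-grained design only */

typedef struct {
    uint32_t regs[REG_COUNT];
    uint32_t lock;              /* sticky lock bits, cleared only by reset */
    uint32_t guard[REG_COUNT];  /* lock bit that write-protects each register */
} regblock_t;

/* Coarse design: one lock bit covers the whole address region. */
void init_coarse(regblock_t *b) {
    *b = (regblock_t){0};
    b->guard[REG_SEC_CFG] = SYS_LOCK;
    b->guard[REG_RUNTIME_LIMIT] = SYS_LOCK;
}

/* Fine-grained design: the runtime register has its own lock bit. */
void init_fine(regblock_t *b) {
    *b = (regblock_t){0};
    b->guard[REG_SEC_CFG] = SYS_LOCK;
    b->guard[REG_RUNTIME_LIMIT] = AUX_LOCK;
}

/* Returns true if the write landed, false if the lock dropped it. */
bool reg_write(regblock_t *b, unsigned idx, uint32_t val) {
    if (idx >= REG_COUNT || (b->lock & b->guard[idx]))
        return false;
    b->regs[idx] = val;
    return true;
}

/* Boot programs the security config and optionally sets SYS_LOCK; runtime
 * software then attempts both writes. Result bit 0: security config is
 * still writable; bit 1: runtime register is still writable. */
unsigned post_boot_writable(regblock_t *b, bool lock_at_boot) {
    unsigned w = 0;
    reg_write(b, REG_SEC_CFG, 0xA5);
    if (lock_at_boot)
        b->lock |= SYS_LOCK;
    if (reg_write(b, REG_SEC_CFG, 0x00)) w |= 1u;
    if (reg_write(b, REG_RUNTIME_LIMIT, 70)) w |= 2u;
    return w;
}
```

With the coarse map, locking at boot blocks the runtime register too, and skipping the lock leaves the security configuration writable. Only the fine-grained map lets SYS_LOCK be set at boot while the runtime register stays writable.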

Common Consequences

Scope: Access Control

Technical Impact: Other

Note: System security configuration cannot be defined in a way that does not conflict with the functional requirements of the device.

Potential Mitigations

Phase: Architecture and Design

Modes of Introduction

Phase: Architecture and Design

Note: Such issues are introduced during hardware architecture and design since software controls and configuration are defined during these phases and identified later during Testing or System Configuration phases.

Applicable Platforms

Languages: Not Language-Specific (Undetermined)

Operating Systems: Not OS-Specific (Undetermined)

Technologies: System on Chip (Undetermined)

Key Information

CWE ID: CWE-1222

Abstraction: Variant

Structure: Simple

Status: Incomplete

Related Weaknesses

Related Attack Patterns
CAPEC-679