CWE-1224: Improper Restriction of Write-Once Bit Fields

Base Incomplete Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

The hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software.

常见后果

影响范围: Confidentiality Integrity Availability Access Control

技术影响: Varies by Context

说明: System configuration cannot be programmed in a secure way.

潜在缓解措施

阶段: Architecture and Design

描述: During hardware design all register write-once or sticky fields must be evaluated for proper configuration.

阶段: Testing

描述: The testing phase should use automated tools to test that values are not reprogrammable and that write-once fields lock on writing zeros.

引入模式

阶段	说明
Architecture and Design	-
Implementation	Such issues could be introduced during implementation of hardware design, since IP parameters and defaults are defined in HDL code and identified later during Testing or System Configuration phases.

适用平台

编程语言

Verilog (Undetermined) VHDL (Undetermined)

技术

System on Chip (Undetermined)

关键信息

CWE ID: CWE-1224

抽象级别: Base

结构: Simple

状态: Incomplete

CWE-1224: Improper Restriction of Write-Once Bit Fields

弱点描述

常见后果

潜在缓解措施

引入模式

适用平台

编程语言

技术

关键信息

相关弱点

相关攻击模式

CWE-1224: Improper Restriction of Write-Once Bit Fields

弱点描述

常见后果

潜在缓解措施

引入模式

适用平台

编程语言

技术

关键信息

相关弱点

ChildOf CWE-284

相关攻击模式