CWE-1326: Missing Immutable Root of Trust in Hardware

Base Draft Simple

CWE Version: 4.18

Last Updated: 2025-09-09

Weakness Description

A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code.

Common Consequences

Scope: Authentication, Authorization

Technical Impact: Gain Privileges or Assume Identity; Execute Unauthorized Code or Commands; Modify Memory

Potential Mitigations

Phase: Architecture and Design

Description: When architecting the system, the RoT should be designated for storage in a memory that does not allow further programming/writes.

Phase: Implementation

Description: During implementation and test, the RoT memory location should be demonstrated to not allow further programming/writes.

Detection Methods

Method: Automated Dynamic Analysis

Automated testing can verify that RoT components are immutable.

Effectiveness: High

Method: Architecture or Design Review

Root of trust elements and memory should be part of architecture and design reviews.

Effectiveness: High

Modes of Introduction

Phase: Architecture and Design
Note: -

Phase: Implementation
Note: Such issues could be introduced during policy definition, hardware architecture, design, manufacturing, and/or provisioning. They can be identified later during testing or system configuration phases.

Applicable Platforms

Languages
Not Language-Specific (Undetermined)
Operating Systems
Not OS-Specific (Undetermined)
Technologies
Security Hardware (Undetermined), Not Technology-Specific (Undetermined)

Key Information

CWE ID: CWE-1326

Abstraction: Base

Structure: Simple

Status: Draft

Related Weaknesses

Related Attack Patterns
CAPEC-679, CAPEC-68