CWE-1196: Security Flow Issues
ID
CWE-1196
Status
Draft
Weaknesses in this category are related to improper design of full-system security flows, including but not limited to secure boot, secure update, and hardware-device attestation.
Relationships
View | Weakness | ||||||
---|---|---|---|---|---|---|---|
# ID | Name | # ID | Name | Abstraction | Structure | Status | |
CWE-1194 | Hardware Design | CWE-1190 | DMA Device Enabled Too Early in Boot Phase | Base | Simple | Draft | |
CWE-1194 | Hardware Design | CWE-1193 | Power-On of Untrusted Execution Core Before Enabling Fabric Access Control | Base | Simple | Draft | |
CWE-1194 | Hardware Design | CWE-1264 | Hardware Logic with Insecure De-Synchronization between Control and Data Channels | Base | Simple | Incomplete | |
CWE-1194 | Hardware Design | CWE-1274 | Improper Access Control for Volatile Memory Containing Boot Code | Base | Simple | Stable | |
CWE-1194 | Hardware Design | CWE-1283 | Mutable Attestation or Measurement Reporting Data | Base | Simple | Incomplete | |
CWE-1194 | Hardware Design | CWE-1310 | Missing Ability to Patch ROM Code | Base | Simple | Draft | |
CWE-1194 | Hardware Design | CWE-1326 | Missing Immutable Root of Trust in Hardware | Base | Simple | Draft | |
CWE-1194 | Hardware Design | CWE-1328 | Security Version Number Mutable to Older Versions | Base | Simple | Draft |
Loading...