CWE-1209: Failure to Disable Reserved Bits
ID
CWE-1209
Abstraction
Base
Structure
Simple
Status
Incomplete
The reserved bits in a hardware design are not disabled prior to production. Typically, reserved bits are used for future capabilities and should not support any functional logic in the design. However, designers might covertly use these bits to debug or further develop new capabilities in production hardware. Adversaries with access to these bits will write to them in hopes of compromising hardware state.
Reserved bits are labeled as such so they can be allocated for a later purpose. They are not to do anything in the current design. However, designers might want to use these bits to debug or control/configure a future capability to help minimize time to market (TTM). If the logic being controlled by these bits is still enabled in production, an adversary could use the logic to induce unwanted/unsupported behavior in the hardware.
Modes of Introduction
| Phase | Note |
|---|---|
| Architecture and Design | The Designer and Implementer have to make a conscious choice to do this |
| Implementation | The Designer and Implementer have to make a conscious choice to do this |
| Documentation | If documentation labels anything "for future use", "reserved", or the like, such labeling could indicate to an attacker a potential attack point |
Applicable Platforms
| Type | Class | Name | Prevalence |
|---|---|---|---|
| Language | Not Language-Specific | ||
| Operating_system | Not OS-Specific | ||
| Architecture | Not Architecture-Specific | ||
| Technology | System on Chip |
Common Attack Pattern Enumeration and Classification (CAPEC)
The Common Attack Pattern Enumeration and Classification (CAPECâ„¢) effort provides a publicly available catalog of common attack patterns that helps users understand how adversaries exploit weaknesses in applications and other cyber-enabled capabilities.
CAPEC at Mitre.org
Loading...