The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary.
A System-on-Chip (SoC) implements secure boot or verified boot. During this boot flow, the SoC often measures the code that it authenticates. The measurement is usually done by calculating the one-way hash of the code binary and extending it to the previous hash. The hashing algorithm should be a Secure One-Way hash function. The final hash, i.e., the value obtained after the completion of the boot flow, serves as the measurement data used in reporting or in attestation. The calculated hash is often stored in registers that can later be read by the party of interest to determine tampering of the boot flow. A common weakness is that the contents in these registers are modifiable by an adversary, thus spoofing the measurement.
2 recorded CVEs are caused by CWE-1283 (Mutable Attestation or Measurement Reporting Data). The highest-severity and most recent are shown first.
What can happen when CWE-1283 is exploited.
Read Memory, Read Application Data
Affects: Confidentiality
Typically introduced during these phases of the software lifecycle.
Practical mitigations for CWE-1283, grouped by where in the lifecycle they apply.
Measurement data should be stored in registers that are read-only or otherwise have access controls that prevent modification by an untrusted agent.
Illustrative examples from MITRE showing how the weakness appears in code.
The SoC extends the hash and stores the results in registers. Without protection, an adversary can write their chosen hash values to these registers. Thus, the attacker controls the reported results.
To prevent the above scenario, the registers should have one or more of the following properties:
Should be Read-Only with respect to an adversary
Cannot be extended or modified, either directly or indirectly (using a trusted agent as proxy), by an adversary
Should have appropriate access controls or protections
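The scenario above as a small software model, added here as an illustration and not taken from MITRE or from any SoC vendor: the same tampered boot is attested once with a register that has a direct write path and once with a register that is extend-only and locked after boot. The class, the agent names and the stage images are hypothetical, and SHA-256 is assumed as the one-way hash.

```python
import hashlib

GOOD = [b"bootloader v1", b"kernel v1"]              # constructed stage images
TAMPERED = [b"bootloader v1", b"kernel v1 + implant"]

def golden(stages):
    """Value the verifier expects: fold each stage hash into the running hash."""
    value = bytes(32)
    for code in stages:
        value = hashlib.sha256(value + hashlib.sha256(code).digest()).digest()
    return value

class MeasurementRegister:
    """Hypothetical model of one measurement register, not a real SoC interface."""
    def __init__(self, direct_write_enabled):
        self.value = bytes(32)                        # reset value
        self.direct_write_enabled = direct_write_enabled
        self.locked = False

    def extend(self, code, agent):
        # Only the boot ROM may extend, and only until boot completes.
        if agent != "boot_rom" or self.locked:
            raise PermissionError("extend denied")
        digest = hashlib.sha256(code).digest()
        self.value = hashlib.sha256(self.value + digest).digest()

    def write(self, value):
        # The weakness: a plain write path that untrusted software can reach.
        if not self.direct_write_enabled:
            raise PermissionError("register is read-only")
        self.value = value

def boot_then_attest(stages, direct_write_enabled):
    """Boot `stages`, replay three modification attempts, return (verdict, blocked)."""
    reg = MeasurementRegister(direct_write_enabled)
    for code in stages:
        reg.extend(code, agent="boot_rom")
    reg.locked = True                                 # end of boot flow
    attempts = (lambda: reg.write(golden(GOOD)),              # direct overwrite
                lambda: reg.extend(b"x", agent="os"),         # untrusted extend
                lambda: reg.extend(b"x", agent="boot_rom"))   # trusted proxy, post-lock
    blocked = []
    for attempt in attempts:
        try:
            attempt()
            blocked.append(False)
        except PermissionError:
            blocked.append(True)
    return reg.value == golden(GOOD), blocked
```

With the write path enabled, the tampered boot still attests as good because the register no longer reflects what was measured; with it disabled, all three attempts are refused and the verifier sees the mismatch.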
CAPEC attack patterns that exploit this weakness.
Common questions about CWE-1283.
2 recorded CVEs are attributed to CWE-1283, including CVE-2022-1740, CVE-2023-3674.
Exploiting CWE-1283 can lead to: Read Memory, Read Application Data.
2 recorded CVEs are caused by CWE-1283; none are currently in CISA's KEV catalog of actively exploited flaws.
Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.