CWE-1319 Missing OBEX - Githubissues

CWE-CAPEC / hw-cwe-sig

GitHub Repository for the HW CWE SIG

14 stars 9 forks source link

CWE-1319 Missing OBEX #90

Closed BobH-MITRE closed 1 year ago

BobH-MITRE commented 1 year ago

CWE-1319 Missing OBEX

stevechristeycoley commented 1 year ago

from @g-kini while finding obex for the new "incorrect initialization" CWE-1419:

CVE-2020-27211 - chain: microcontroller system-on-chip uses a register value stored in flash to set product protection state on the memory bus and does not contain protection against fault injection (CWE-1319) which leads to an incorrect initialization of the memory bus (CWE-1419) causing the product to be in an unprotected state.

BobH-MITRE commented 1 year ago

This OBEX has been staged in DEV and will close this tracker after release.