CWE-1234β€”Hardware Internal or Debug Modes Allow Override of Locks

PUBLISHEDweakness record
released 2020-02-24 Β· last modified 2025-12-11

Metadata

CWE ID:
CWE-1234
Abstraction:
Base
Structure:
Simple
Status:
Incomplete
Release Date:
2020-02-24
Latest Modification Date:
2025-12-11

Weakness Name

Hardware Internal or Debug Modes Allow Override of Locks

Description

System configuration protection may be bypassed during debug mode.

Device configuration controls are commonly programmed after a device power reset by a trusted firmware or software module (e.g., BIOS/bootloader) and then locked from any further modification. This is commonly implemented using a trusted lock bit, which when set, disables writes to a protected set of registers or address regions. The lock protection is intended to prevent modification of certain system configuration (e.g., memory/memory protection unit configuration). If debug features supported by hardware or internal modes/system states are supported in the hardware design, modification of the lock protection may be allowed allowing access and modification of configuration information.

Common Consequences

Scope:
Access Control
Impact:
Bypass Protection Mechanism
Notes:
Bypass of lock bit allows access and modification of system configuration even when the lock bit is set.

Related Weaknesses