CWE-128 |
Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value. |
CWE-1280 |
A product's hardware-based access control check occurs after the asset has been accessed. |
CWE-1281 |
Specific combinations of processor instructions lead to undesirable behavior such as locking the processor until a hard reset performed. |
CWE-242 |
The program calls a function that can never be guaranteed to work safely. |
CWE-1282 |
Immutable data, such as a first-stage bootloader, device identifiers, and "write-once" configuration settings are stored in writable memory that can be re-programmed/updated in the field. |
CWE-1283 |
The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary. |
CWE-1284 |
The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties. |
CWE-1285 |
The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties. |
CWE-1286 |
The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax. |
CWE-1287 |
The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type. |