CWE-1271: Uninitialized Value on Reset for Registers Holding Security Settings
Security-critical logic is not set to a known value on reset.
View on MITREExtended Description
When the device is first brought out of reset, the state of registers will be indeterminate if they have not been initialized by the logic. Before the registers are initialized, there will be a window during which the device is in an insecure state and may be vulnerable to attack.
Technical Details
- Structure
- Simple
Applicable To
Security Consequences
Scope
Impact
Mitigation Strategies
Phase
Description
Design checks should be performed to identify any uninitialized flip-flops used for security-critical functions.
Phase
Description
All registers holding security-critical information should be set to a specific value on reset.
Detection Methods
No detection method information available for this CWE.
Code Examples & CVEs
Demonstrative Examples
Shown below is a positive clock edge triggered flip-flop used to implement a lock bit for test and debug interface. When the circuit is first brought out of reset, the state of the flip-flop will be unknown until the enable input and D-input signals update the flip-flop state. In this example, an attacker can reset the device until the test and debug interface is unlocked and access the test interface until the lock signal is driven to a known state by the logic.
The flip-flop can be set to a known value (0 or 1) on reset, but requires that the logic explicitly update the output of the flip-flop if the reset signal is active.
Shown below is a positive clock edge triggered flip-flop used to implement a lock bit for test and debug interface. When the circuit is first brought out of reset, the state of the flip-flop will be unknown until the enable input and D-input signals update the flip-flop state. In this example, an attacker can reset the device until the test and debug interface is unlocked and access the test interface until the lock signal is driven to a known state by the logic.
The flip-flop can be set to a known value (0 or 1) on reset, but requires that the logic explicitly update the output of the flip-flop if the reset signal is active.
CWE Relationships
No relationship information available for this CWE.
Frequently Asked Questions
What is CWE-1271: Uninitialized Value on Reset for Registers Holding Security Settings?+
CWE-1271: Uninitialized Value on Reset for Registers Holding Security Settings is a Common Weakness Enumeration (CWE) entry maintained by MITRE. Security-critical logic is not set to a known value on reset. When the device is first brought out of reset, the state of registers will be indeterminate if they have not been initialized by the logic. Before the registers are initialized, there will be a window during which the device is in an insecure state and may be vulnerable to attack.
What are the security consequences of Uninitialized Value on Reset for Registers Holding Security Settings?+
If exploited, CWE-1271 (Uninitialized Value on Reset for Registers Holding Security Settings) it can compromise Access Control, Authentication and Authorization, leading to outcomes such as Varies by Context.
How do you prevent or mitigate Uninitialized Value on Reset for Registers Holding Security Settings?+
Recommended mitigations for CWE-1271 include: Design checks should be performed to identify any uninitialized flip-flops used for security-critical functions. All registers holding security-critical information should be set to a specific value on reset.
Which programming languages are affected by Uninitialized Value on Reset for Registers Holding Security Settings?+
CWE-1271 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
What is the difference between a CWE and a CVE?+
A CWE (Common Weakness Enumeration) like CWE-1271 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.