CWE-1283: Mutable Attestation or Measurement Reporting Data

BaseIncomplete

The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary.

View on MITRE
Back to CWE Lookup

Extended Description

A System-on-Chip (SoC) implements secure boot or verified boot. During this boot flow, the SoC often measures the code that it authenticates. The measurement is usually done by calculating the one-way hash of the code binary and extending it to the previous hash. The hashing algorithm should be a Secure One-Way hash function. The final hash, i.e., the value obtained after the completion of the boot flow, serves as the measurement data used in reporting or in attestation. The calculated hash is often stored in registers that can later be read by the party of interest to determine tampering of the boot flow. A common weakness is that the contents in these registers are modifiable by an adversary, thus spoofing the measurement.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms
Not OS-Specific

Frequently Asked Questions

What is CWE-1283: Mutable Attestation or Measurement Reporting Data?+

CWE-1283: Mutable Attestation or Measurement Reporting Data is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary. A System-on-Chip (SoC) implements secure boot or verified boot. During this boot flow, the SoC often measures the code that it authenticates. The measurement is usually done by calculating the one-way hash of the code binary and extending it to the previous hash. The hashing algorithm should be a Secure One-Way hash function. The final hash, i.e., the value obtained after the completion of the boot flow, serves as the measurement data used in reporting or in attestation. The calculated hash is often stored in registers that can later be read by the party of interest to determine tampering of the boot flow. A common weakness is that the contents in these registers are modifiable by an adversary, thus spoofing the measurement.

What are the security consequences of Mutable Attestation or Measurement Reporting Data?+

If exploited, CWE-1283 (Mutable Attestation or Measurement Reporting Data) it can compromise Confidentiality, leading to outcomes such as Read Memory and Read Application Data.

How do you prevent or mitigate Mutable Attestation or Measurement Reporting Data?+

Recommended mitigations for CWE-1283 include: Measurement data should be stored in registers that are read-only or otherwise have access controls that prevent modification by an untrusted agent.

Which programming languages are affected by Mutable Attestation or Measurement Reporting Data?+

CWE-1283 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1283 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More