CWE-1326: Missing Immutable Root of Trust in Hardware
A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code.
View on MITREExtended Description
A System-on-Chip (SoC) implements secure boot by verifying or authenticating signed boot code. The signing of the code is achieved by an entity that the SoC trusts. Before executing the boot code, the SoC verifies that the code or the public key with which the code has been signed has not been tampered with. The other data upon which the SoC depends are system-hardware settings in fuses such as whether "Secure Boot is enabled". These data play a crucial role in establishing a Root of Trust (RoT) to execute secure-boot flows. One of the many ways RoT is achieved is by storing the code and data in memory or fuses. This memory should be immutable, i.e., once the RoT is programmed/provisioned in memory, that memory should be locked and prevented from further programming or writes. If the memory contents (i.e., RoT) are mutable, then an adversary can modify the RoT to execute their choice of code, resulting in a compromised secure boot. Note that, for components like ROM, secure patching/update features should be supported to allow authenticated and authorized updates in the field.
Technical Details
- Structure
- Simple
Applicable To
Security Consequences
Scope
Impact
Likelihood
HighMitigation Strategies
Phase
Description
When architecting the system, the RoT should be designated for storage in a memory that does not allow further programming/writes.
Phase
Description
During implementation and test, the RoT memory location should be demonstrated to not allow further programming/writes.
Detection Methods
Method
Automated Dynamic AnalysisDescription
Automated testing can verify that RoT components are immutable.
Effectiveness
HighMethod
Architecture or Design ReviewDescription
Root of trust elements and memory should be part of architecture and design reviews.
Effectiveness
HighCode Examples & CVEs
Demonstrative Examples
The example code below is a snippet from the bootrom of the HACK@DAC'19 buggy OpenPiton SoC [REF-1348]. The contents of the bootrom are critical in implementing the hardware root of trust.
It performs security-critical functions such as defining the system's device tree, validating the hardware cryptographic accelerators in the system, etc. Hence, write access to bootrom should be strictly limited to authorized users or removed completely so that bootrom is immutable. In this example (see the vulnerable code source), the boot instructions are stored in bootrom memory, mem. This memory can be read using the read address, addr_i, but write access should be restricted or removed.
The example code below is a snippet from the bootrom of the HACK@DAC'19 buggy OpenPiton SoC [REF-1348]. The contents of the bootrom are critical in implementing the hardware root of trust.
It performs security-critical functions such as defining the system's device tree, validating the hardware cryptographic accelerators in the system, etc. Hence, write access to bootrom should be strictly limited to authorized users or removed completely so that bootrom is immutable. In this example (see the vulnerable code source), the boot instructions are stored in bootrom memory, mem. This memory can be read using the read address, addr_i, but write access should be restricted or removed.
CWE Relationships
No relationship information available for this CWE.
Frequently Asked Questions
What is CWE-1326: Missing Immutable Root of Trust in Hardware?+
CWE-1326: Missing Immutable Root of Trust in Hardware is a Common Weakness Enumeration (CWE) entry maintained by MITRE. A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code. A System-on-Chip (SoC) implements secure boot by verifying or authenticating signed boot code. The signing of the code is achieved by an entity that the SoC trusts. Before executing the boot code, the SoC verifies that the code or the public key with which the code has been signed has not been tampered with. The other data upon which the SoC depends are system-hardware settings in fuses such as whether "Secure Boot is enabled". These data play a crucial role in establishing a Root of Trust (RoT) to execute secure-boot flows. One of the many ways RoT is achieved is by storing the code and data in memory or fuses. This memory should be immutable, i.e., once the RoT is programmed/provisioned in memory, that memory should be locked and prevented from further programming or writes. If the memory contents (i.e., RoT) are mutable, then an adversary can modify the RoT to execute their choice of code, resulting in a compromised secure boot. Note that, for components like ROM, secure patching/update features should be supported to allow authenticated and authorized updates in the field.
What are the security consequences of Missing Immutable Root of Trust in Hardware?+
If exploited, CWE-1326 (Missing Immutable Root of Trust in Hardware) it can compromise Authentication and Authorization, leading to outcomes such as Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands and Modify Memory.
How do you prevent or mitigate Missing Immutable Root of Trust in Hardware?+
Recommended mitigations for CWE-1326 include: When architecting the system, the RoT should be designated for storage in a memory that does not allow further programming/writes. During implementation and test, the RoT memory location should be demonstrated to not allow further programming/writes.
How is Missing Immutable Root of Trust in Hardware detected?+
CWE-1326 can be detected using Automated Dynamic Analysis and Architecture or Design Review. Combining automated tooling with manual review typically yields the best coverage.
Which programming languages are affected by Missing Immutable Root of Trust in Hardware?+
CWE-1326 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.
What is the difference between a CWE and a CVE?+
A CWE (Common Weakness Enumeration) like CWE-1326 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.