CVEbaza.plCWE DictionaryCWE-1231
Common Weakness Enumeration

CWE-1231

Improper Prevention of Lock Bit Modification

Category: BaseCVE: 3
Description

The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set.

CVE vulnerabilities with CWE-1231 (3)
7.5
CVSS
HIGH
CVE-2024-36354

Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in arbitrary code execution at the SMM level.

pub. 2025-09-06
6.7
CVSS
MEDIUM
CVE-2025-52536

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.

pub. 2026-02-10
6.0
CVSS
MEDIUM
CVE-2022-42285

DGX A100 SBIOS contains a vulnerability in the Pre-EFI Initialization (PEI)phase, where a privileged user can disable SPI flash protection, which may lead to denial of service, escalation of privileges, or data tampering.

pub. 2023-01-13
Information
ID: CWE-1231
Type: Base
Vulnerabilities: 3
MITRE CWE ↗
← CWE Dictionary