CVEbaza.plCWE DictionaryCWE-1256
Common Weakness Enumeration

CWE-1256

Improper Restriction of Software Interfaces to Hardware Features

Category: BaseCVE: 4
Description

The product provides software-controllable device functionality for capabilities such as power and clock management, but it does not properly limit functionality that can lead to modification of hardware memory or register bits, or the ability to observe physical side channels.

CVE vulnerabilities with CWE-1256 (4)
7.3
CVSS
HIGH
CVE-2024-5477

A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. HP is releasing firmware mitigation for the potential vulnerability.

pub. 2025-08-13
6.7
CVSS
MEDIUM
CVE-2024-2881

Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.

pub. 2024-08-30
5.9
CVSS
MEDIUM
CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure.

pub. 2024-08-29
5.6
CVSS
MEDIUM
CVE-2024-48869

Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable escalation of privilege via local access.

pub. 2025-05-13
Information
ID: CWE-1256
Type: Base
Vulnerabilities: 4
MITRE CWE ↗
← CWE Dictionary
CWE-1256 — Improper Restriction of Software Interfaces to Hardware Features | CWE Dictionary | CVEbaza.pl