CVEbaza.plSłownik CWECWE-1304
Common Weakness Enumeration

CWE-1304

Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation

Kategoria: BaseCVE: 2
Opis

Produkt wykonuje operację oszczędzania/przywracania energii, ale nie zapewnia, że integralność stanu konfiguracji jest utrzymywana i/lub weryfikowana między rozpoczęciem a zakończeniem operacji. Brak weryfikacji może prowadzić do uszkodzenia lub nieautoryzowanej modyfikacji ustawień sprzętu.

Description (EN)

The product performs a power save/restore operation, but it does not ensure that the integrity of the configuration state is maintained and/or verified between the beginning and ending of the operation.

Podatności CVE z CWE-1304 (2)
7.1
CVSS
HIGH
CVE-2023-31316

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor (ASP) could allow an attacker with the ability to write outside the trusted memory range (TMR) to change the execution flow of the Video Core Next (VCN) firmware potentially impacting confidentiality, integrity, or availability.

pub. 2026-05-15
4.6
CVSS
MEDIUM
CVE-2024-23485

Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation (CWE-1304) in the Controller 6000 and 7000 can lead to secured door locks connected via Aperio Communication Hubs to momentarily allow free access.  This issue affects: Gallagher Controller 6000 and 7000 9.10 prior to vCR9.10.240520a (distributed in 9.10.1268(MR1)), 9.00 prior to vCR9.00.240521a (distributed in 9.00.1990(MR3)),  8.90 prior to vCR8.90.240520a (distributed in 8.90.1947 (MR4)), 8.80 prior to vCR8.80.240520a (distributed in 8.80.1726 (MR5)), 8.70 prior to vCR8.70.240520a (distributed in 8.70.2824 (MR7)), all versions of 8.60 and prior.

pub. 2024-07-11
Informacje
ID: CWE-1304
Typ: Base
Podatności: 2
MITRE CWE ↗
← Słownik CWE