1. Home
  2. CWE Database
  3. CWE-1271
Base · Medium

CWE-1271: Uninitialized Value on Reset for Registers Holding Security Settings

Security-critical logic is not set to a known value on reset.

CWE-1271 · Base Level ·2 Mitigations

Description

Security-critical logic is not set to a known value on reset.

When the device is first brought out of reset, the state of registers will be indeterminate if they have not been initialized by the logic. Before the registers are initialized, there will be a window during which the device is in an insecure state and may be vulnerable to attack.

Potential Impact

Access Control, Authentication, Authorization

Varies by Context

Demonstrative Examples

Shown below is a positive clock edge triggered flip-flop used to implement a lock bit for test and debug interface. When the circuit is first brought out of reset, the state of the flip-flop will be unknown until the enable input and D-input signals update the flip-flop state. In this example, an attacker can reset the device until the test and debug interface is unlocked and access the test interface until the lock signal is driven to a known state by the logic.
Bad
always @(posedge clk) begin
					    
					      if (en) lock_jtag <= d;
					    
					    end
The flip-flop can be set to a known value (0 or 1) on reset, but requires that the logic explicitly update the output of the flip-flop if the reset signal is active.
Good
always @(posedge clk) begin
					  
					    if (~reset) lock_jtag <= 0;
					    else if (en) lock_jtag <= d;
					  
					  end

Mitigations & Prevention

Implementation

Design checks should be performed to identify any uninitialized flip-flops used for security-critical functions.

Architecture and Design

All registers holding security-critical information should be set to a specific value on reset.

CWE-909: Missing Initialization of Resource

The product does not initialize a critical resource.

Frequently Asked Questions

What is CWE-1271?

CWE-1271 (Uninitialized Value on Reset for Registers Holding Security Settings) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. Security-critical logic is not set to a known value on reset.

How can CWE-1271 be exploited?

Attackers can exploit CWE-1271 (Uninitialized Value on Reset for Registers Holding Security Settings) to varies by context. This weakness is typically introduced during the Implementation phase of software development.

How do I prevent CWE-1271?

Key mitigations include: Design checks should be performed to identify any uninitialized flip-flops used for security-critical functions.

What is the severity of CWE-1271?

CWE-1271 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.