CWE-1221: Incorrect Register Defaults or Module Parameters
low-riskHardware description language code incorrectly defines register defaults or hardware Intellectual Property (IP) parameters to insecure values.
Abstraction: Base
Common Consequences
Confidentiality
→
Varies by Context
Detection Methods
Automated Analysis
Use automated tools to test that values are configured per design specifications.
Real-World Examples (2)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2022-20661 | 4.6 | 0.3% | — |
| CVE-2022-20731 | 4.6 | 0.1% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal