CWE-1224: Improper Restriction of Write-Once Bit Fields
low-riskThe hardware design control register "sticky bits" or write-once bit fields are improperly implemented, such that they can be reprogrammed by software.
Abstraction: Base
Common Consequences
Confidentiality
→
Varies by Context
Detection Methods
Automated Analysis
Use automated tools to test that values are not reprogrammable and that write-once fields lock on writing zeros.
Real-World Examples (1)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2022-23005 | 8.7 | 0.3% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal