CWE-1259: Improper Restriction of Security Token Assignment
low-riskThe System-On-A-Chip (SoC) implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens are improperly protected.
Abstraction: Base
Common Consequences
Confidentiality
→
Modify Files or Directories
Real-World Examples (10)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2024-36111 | 6.3 | 61.1% | — |
| CVE-2022-23551 | 5.3 | 0.8% | — |
| CVE-2025-27955 | 6.5 | 0.6% | — |
| CVE-2024-36533 | 9.8 | 0.3% | — |
| CVE-2024-41948 | 3.0 | 0.2% | — |
| CVE-2025-56676 | 5.4 | 0.1% | — |
| CVE-2025-51306 | 6.5 | 0.1% | — |
| CVE-2024-4598 | 6.5 | 0.1% | — |
| CVE-2022-23541 | 5.0 | 0.1% | — |
| CVE-2025-56207 | 6.5 | 0.1% | — |
3
/ 100
low-risk
Active Threat
3/50 · Minimal
Exploit Availability
0/50 · Minimal