VYPR

CWE-1231

Improper Prevention of Lock Bit Modification

BaseStable

Description

The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bit from being modified after it has been set.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-680

CVEs mapped to this weakness (2)

  • CVE-2024-36354HigSep 6, 2025
    risk 0.49cvss 7.5epss 0.00

    Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to bypass SMM isolation potentially resulting in…

  • CVE-2025-52536MedFeb 10, 2026
    risk 0.44cvss epss 0.00

    Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity.