VYPR

CWE-1233

Security-Sensitive Hardware Controls with Missing Lock Bit Protection

BaseStable

Description

The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-176 · CAPEC-680

CVEs mapped to this weakness (2)

  • CVE-2025-61972HigMay 13, 2026
    risk 0.55cvss epss 0.00

    Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution in AMD Secure Processor (ASP) and loss of the SEV-SNP guest's confidentiality…

  • CVE-2025-61971MedMay 13, 2026
    risk 0.38cvss epss 0.00

    Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.