VYPR

CWE-1256

Improper Restriction of Software Interfaces to Hardware Features

BaseStable

Description

The product provides software-controllable device functionality for capabilities such as power and clock management, but it does not properly limit functionality that can lead to modification of hardware memory or register bits, or the ability to observe physical side channels.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-624 · CAPEC-625

CVEs mapped to this weakness (3)

  • CVE-2024-5477HigAug 13, 2025
    risk 0.47cvss epss 0.00

    A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and…

  • CVE-2024-48869MedMay 13, 2025
    risk 0.40cvss 6.1epss 0.00

    Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable…

  • CVE-2024-35199Jul 18, 2024
    risk 0.00cvss epss 0.01

    TorchServe is a flexible and easy-to-use tool for serving and scaling PyTorch models in production. In affected versions the two gRPC ports 7070 and 7071, are not bound to [localhost](http://localhost/) by default, so when TorchServe is launched, these two interfaces are bound…