VYPR

CWE-1310

Missing Ability to Patch ROM Code

BaseDraft

Description

Missing an ability to patch ROM code may leave a System or System-on-Chip (SoC) in a vulnerable state.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-682

CVEs mapped to this weakness (1)

  • CVE-2016-1000344HigJun 4, 2018
    risk 0.41cvss 7.4epss 0.02

    In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.