VYPR

CWE-1326

Missing Immutable Root of Trust in Hardware

BaseDraft

Description

A missing immutable root of trust in the hardware results in the ability to bypass secure boot or execute untrusted or adversarial boot code.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-679 · CAPEC-68

CVEs mapped to this weakness (3)

  • CVE-2025-34503HigOct 24, 2025
    risk 0.46cvss epss 0.00

    Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or…

  • CVE-2025-34502HigOct 24, 2025
    risk 0.46cvss epss 0.00

    Deck Mate 2 lacks a verified secure-boot chain and runtime integrity validation for its controller and display modules. Without cryptographic boot verification, an attacker with physical access can modify or replace the bootloader, kernel, or filesystem and gain persistent code…

  • CVE-2025-31929MedMay 13, 2025
    risk 0.27cvss 4.2epss 0.00

    A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All versions), IEC 1Ph 7.4kW Child socket/ shutter (8EM1310-2EN04-0GA0) (All versions), IEC 1Ph 7.4kW Parent cable 7m (8EM1310-2EJ04-3GA1) (All versions), IEC 1Ph 7.4kW Parent cable 7m incl.…