CWE-1233 6 CVEs MITRE definition ↗

CWE-1233: Security-Sensitive Hardware Controls with Missing Lock Bit Protection

Overview

CWE-1233 (Security-Sensitive Hardware Controls with Missing Lock Bit Protection) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform changes to important hardware system configuration.

Applicable platforms

Kind Name Class Prevalence OS / CPE
language Not Language-Specific Undetermined
operating_system Not OS-Specific Undetermined
architecture Not Architecture-Specific Undetermined
technology Not Technology-Specific Undetermined

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE Published Summary
CVE-2025-61972 2026-05-13 Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network (SMN) access, potentially resulting in arbitrary code execution…
CVE-2025-61971 2026-05-13 Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity.
CVE-2025-25735 2025-08-26 Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with soft…
CVE-2025-25734 2025-08-26 Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute a…
CVE-2025-25733 2025-08-26 Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to…
CVE-2022-23005 2023-01-23 Western Digital has identified a weakness in the UFS standard that could result in a security vulnerability. This vulnerability may exist in some systems where the Host boot ROM code implements the UF…

Previous names

  • Improper Hardware Lock Protection for Security Sensitive Controls (2021-10-28)

Content submission

Name
Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi
Organization
Intel Corporation
Date
2020-01-15
Version
4.0

Content modifications

Date Name Version Importance Comment
2020-08-20 CWE Content Team 4.2 updated Related_Attack_Patterns
2021-03-15 CWE Content Team 4.4 updated Maintenance_Notes
2021-10-28 CWE Content Team 4.6 updated Demonstrative_Examples, Description, Detection_Factors, Maintenance_Notes, Name, Observed_Examples, Potential_Mitigations, References, Relationships, Weakness_Ordinalities
2022-04-28 CWE Content Team 4.7 updated Related_Attack_Patterns, Relationships
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2025-04-03 CWE Content Team 4.17 updated Demonstrative_Examples
2025-09-09 CWE Content Team 4.18 updated Relationships

Contributions

Type Name Date Comment
Feedback Narasimha Kumar V Mangipudi 2021-10-20 reviewed content changes
cvelogic Threat Intelligence