CWE-1234 4 CVEs MITRE definition ↗

CWE-1234: Hardware Internal or Debug Modes Allow Override of Locks

Overview

CWE-1234 (Hardware Internal or Debug Modes Allow Override of Locks) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.

Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.

Description

System configuration protection may be bypassed during debug mode.

Applicable platforms

Kind Name Class Prevalence OS / CPE
language Not Language-Specific Undetermined
operating_system Not OS-Specific Undetermined
architecture Not Architecture-Specific Undetermined
technology Not Technology-Specific Undetermined

Related CVEs in this database

These CVEs are mapped to this weakness in this database and kept for traceability and search.

CVE Published Summary
CVE-2025-33242 2026-03-24 NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that could allow a malicious actor to modify unsupported registries, causing a bad state. A successful exploit of this vulnerability might lead …
CVE-2025-59104 2026-01-26 With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint (or use the 6-Pin tag-connect cable). Thus, the attacker gains access to the bootload…
CVE-2023-44298 2023-12-05 Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit thi…
CVE-2023-44297 2023-12-05 Dell PowerEdge platforms 16G Intel E5 BIOS and Dell Precision BIOS, version 1.4.4, contain active debug code security vulnerability. An unauthenticated physical attacker could potentially exploit thi…

Content submission

Name
Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi
Organization
Intel Corporation
Date
2020-01-15
Version
4.0

Content modifications

Date Name Version Importance Comment
2020-08-20 CWE Content Team 4.2 updated Common_Consequences, Demonstrative_Examples, Description, Modes_of_Introduction, Potential_Mitigations, Related_Attack_Patterns
2022-04-28 CWE Content Team 4.7 updated Related_Attack_Patterns
2022-10-13 CWE Content Team 4.9 updated Demonstrative_Examples
2023-04-27 CWE Content Team 4.11 updated Relationships
2023-06-29 CWE Content Team 4.12 updated Mapping_Notes
2024-02-29 CWE Content Team 4.14 updated Demonstrative_Examples, References
2025-09-09 CWE Content Team 4.18 updated Relationships
2025-12-11 CWE Content Team 4.19 updated Demonstrative_Examples, Weakness_Ordinalities

Contributions

Type Name Date Comment
Content Chen Chen, Rahul Kande, Jeyavijayan Rajendran 2023-11-07 suggested demonstrative example
Content Shaza Zeitouni, Mohamadreza Rostami, Ahmad-Reza Sadeghi 2023-11-07 suggested demonstrative example
cvelogic Threat Intelligence