CWE-1256: Improper Restriction of Software Interfaces to Hardware Features
Overview
CWE-1256 (Improper Restriction of Software Interfaces to Hardware Features) documents a weakness type used across vulnerability databases and security assessments. Use the sections below for definition, context, and mapped CVEs.
Security impact
Security impact: Depends on product and context; use CVE records, severity scores, and MITRE guidance to prioritize.
Description
The product provides software-controllable
device functionality for capabilities such as power and
clock management, but it does not properly limit
functionality that can lead to modification of
hardware memory or register bits, or the ability to
observe physical side channels.
Applicable platforms
Kind
Name
Class
Prevalence
OS / CPE
language
—
Not Language-Specific
Undetermined
—
operating_system
—
Not OS-Specific
Undetermined
—
architecture
—
Not Architecture-Specific
Undetermined
—
technology
—
Not Technology-Specific
Undetermined
—
technology
Memory Hardware
—
Undetermined
—
technology
Power Management Hardware
—
Undetermined
—
technology
Clock/Counter Hardware
—
Undetermined
—
Related CVEs in this database
These CVEs are mapped to this weakness in this database and kept for traceability and search.
A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information d…
Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guar…
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a vi…
Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victi…
Previous names
Hardware Features Enable Physical Attacks from Software(2021-10-28)