Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1328 — Vulnerability Class 4

4 vulnerabilities classified as CWE-1328. AI Chinese analysis included.

CWE-1328 represents a critical hardware security weakness where the security version number within a System-on-Chip is mutable, allowing attackers to downgrade boot firmware to older, vulnerable versions. This flaw undermines secure boot mechanisms designed to prevent rollback attacks. Exploitation typically involves an adversary manipulating the version counter to install legacy firmware containing known vulnerabilities, thereby bypassing security patches and gaining unauthorized access or control over the device. To mitigate this risk, developers must enforce strict immutability on security version numbers through hardware-enforced write protection or read-only memory configurations. Additionally, implementing robust anti-rollback mechanisms that verify version integrity during the boot process ensures that only the most recent, secure firmware versions are accepted, effectively neutralizing downgrade attempts and maintaining the system’s trusted execution environment.

MITRE CWE Description
Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions. A System-on-Chip (SoC) implements secure boot or verified boot. It might support a security version number, which prevents downgrading the current firmware to a vulnerable version. Once downgraded to a previous version, an adversary can launch exploits on the SoC and thus compromise the security of the SoC. These downgrade attacks are also referred to as roll-back attacks. The security version number must be stored securely and persistently across power-on resets. A common weakness is that the security version number is modifiable by an adversary, allowing roll-back or downgrade attacks or, under certain circumstances, preventing upgrades (i.e. Denial-of-Service on upgrades). In both cases, the SoC is in a vulnerable state.
Common Consequences (1)
Confidentiality, Integrity, Authentication, AuthorizationOther
Impact includes roll-back or downgrade to a vulnerable version of the firmware or DoS (prevent upgrades).
Mitigations (2)
Architecture and DesignWhen architecting the system, security version data should be designated for storage in registers that are either read-only or have access controls that prevent modification by an untrusted agent.
ImplementationDuring implementation and test, security version data should be demonstrated to be read-only and access controls should be validated.
Examples (1)
A new version of firmware is signed with a security version number higher than the previous version. During the firmware update process the SoC checks for the security version number and upgrades the SoC firmware with the latest version. This security version number is stored in persistent memory upon successful upgrade for use across power-on resets.
CVE IDTitleCVSSSeverityPublished
CVE-2025-8321 Tesla Wall Connector Firmware Downgrade Vulnerability — Wall Connector 6.8AIMediumAI2025-07-30
CVE-2025-5825 Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability — Autel MaxiCharger AC Wallbox Commercial 7.5AIHighAI2025-06-25
CVE-2025-29989 Dell Client Platform BIOS 安全漏洞 — Dell Client Platform BIOS 3.1 Low2025-04-10
CVE-2024-13870 Unauthenticated Firmware Downgrade in Bitdefender Box v1 — BOX v1 5.3 -2025-03-12

Vulnerabilities classified as CWE-1328 represent 4 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.