ICS Supply Chain: OT Counterfeit and Malicious Corruption
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to the "OT Counterfeit and Malicious Corruption" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022: "In ICS, when this procurement process results in a vulnerability or component damage, it can have grid impacts or cause physical harm." Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
The product uses a trusted lock bit for restricting access to registers, address regions, or other resources, but the product does not prevent the value of the lock bi...
Information stored in hardware may be recovered by an attacker with the capability to capture and analyze images of the integrated circuit using techniques such as sca...
The product uses a register lock bit protection mechanism, but it does not ensure that the lock bit prevents modification of system registers or controls that perform ...
Weaknesses in this category are related to features and mechanisms providing hardware-based isolation and access control (e.g., identity, policy, locking control) of s...
CWE entries in this view (graph) are associated with the Categories of Security Vulnerabilities in ICS, as published by the Securing Energy Infrastructure Executive Ta...
- Categories of Security Vulnerabilities in ICS
Securing Energy Infrastructure Executive Task Force (SEI ETF)