CWE-1246
Improper Write Handling in Limited-write Non-Volatile Memories
The product does not implement or incorrectly implements wear leveling operations in limited-write non-volatile memories.
Mitigation
Phases: Architecture and Design, Implementation, Testing
Description:
- Include secure wear leveling algorithms and ensure they may not be bypassed.
CAPEC-212: Functionality Misuse
An adversary leverages a legitimate capability of an application in such a way as to achieve a negative technical impact. The system functionality is not altered or modified but used in a way that was not intended. This is often accomplished through the overuse of a specific functionality or by leveraging functionality with design flaws that enables the adversary to gain access to unauthorized, sensitive data.