Description

Western Digital has identified a weakness in the UFS standard that could result in a security vulnerability. This vulnerability may exist in some systems where the Host boot ROM code implements the UFS Boot feature to boot from UFS compliant storage devices. The UFS Boot feature, as specified in the UFS standard, is provided by UFS devices to support platforms that need to download the system boot loader from external non-volatile storage locations. Several scenarios have been identified in which adversaries may disable the boot capability, or revert to an old boot loader code, if the host boot ROM code is improperly implemented. UFS Host Boot ROM implementers may be impacted by this vulnerability. UFS devices are only impacted when connected to a vulnerable UFS Host and are not independently impacted by this vulnerability. When present, the vulnerability is in the UFS Host implementation and is not a vulnerability in Western Digital UFS Devices. Western Digital has provided details of the vulnerability to the JEDEC standards body, multiple vendors of host processors, and software solutions providers.

Severity

 

CVSS Version 3.x CVSS Version 2.0

CVSS 3.x Severity and Metrics:

CNA:  Western Digital

Base Score:  8.7 HIGH

Vector:  CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H

NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also display any CVSS information provided within the CVE List from the CNA.

Note: The NVD and the CNA have provided the same score. When this occurs only the CNA information is displayed, but the Acceptance Level icon for the CNA is given a checkmark to signify NVD concurrence.

CVSS 2.0 Severity and Metrics:

NIST: NVD

Base Score: N/A

NVD score not yet provided.

NVD Analysts use publicly available information to associate vector strings and CVSS scores. We also display any CVSS information provided within the CVE List from the CNA.

Note: NVD Analysts have not published a CVSS score for this CVE at this time. NVD Analysts use publicly available information at the time of analysis to associate CVSS vector strings.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink	Resource
https://documents.westerndigital.com/content/dam/doc-library/en_us/assets/public/western-digital/collateral/white-paper/white-paper-host-boot-rom-code-vulnerability-and-mitigation.pdf	Exploit  Technical Description  Vendor Advisory
https://www.westerndigital.com/support/product-security/wdc-23001-host-boot-rom-code-vulnerability-in-systems-implementing-ufs-boot-feature	Vendor Advisory

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-662	Improper Synchronization	NIST
CWE-1233	Security-Sensitive Hardware Controls with Missing Lock Bit Protection	Western Digital
CWE-1224	Improper Restriction of Write-Once Bit Fields	Western Digital
CWE-1262	Improper Access Control for Register Interface	Western Digital

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

1 change records found show changes

Initial Analysis by NIST 2/08/2023 2:14:16 PM

Action	Type	Old Value	New Value
Added	CPE Configuration		AND OR *cpe:2.3:a:jedec:universal_flash_storage:-:*:*:*:*:*:*:* OR cpe:2.3:h:westerndigital:inand_eu311_mobile_mc_ufs:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:inand_eu312_automotive_xa_at_ufs:-:*:*:*:*:*:*:* cpe:2.3:h:westerndigital:inand_eu312_industrial_ix_ufs:-:*:*:*:*:*:*:*
Added	CVSS V3.1		NIST AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
Added	CWE		NIST CWE-662
Changed	Reference Type	https://documents.westerndigital.com/content/dam/doc-library/en_us/assets/public/western-digital/collateral/white-paper/white-paper-host-boot-rom-code-vulnerability-and-mitigation.pdf No Types Assigned	https://documents.westerndigital.com/content/dam/doc-library/en_us/assets/public/western-digital/collateral/white-paper/white-paper-host-boot-rom-code-vulnerability-and-mitigation.pdf Exploit, Technical Description, Vendor Advisory
Changed	Reference Type	https://www.westerndigital.com/support/product-security/wdc-23001-host-boot-rom-code-vulnerability-in-systems-implementing-ufs-boot-feature No Types Assigned	https://www.westerndigital.com/support/product-security/wdc-23001-host-boot-rom-code-vulnerability-in-systems-implementing-ufs-boot-feature Vendor Advisory