See my previous post on CWE 1191: On-Chip Debug and Test Interface With Improper Access Control.

Improper lock bit modification… what’s a lock bit and what’s so improper about it?! Well, as you might guess, not setting the lock bit when you should is the basis of this CWE. In this video Josh discusses what this lock bit could do and provides a RISCV example as well.

For more content and deeper dives on these topic, check out the training at Advanced Security, and for consulting/penetration testing contact us at Cryptotronix.

For a full list of my available trainings, check out Advanced Security. 
For consulting, contact us at Cryptotronix.