Base · Stable

CWE-1191: On-Chip Debug and Test Interface With Improper Access Control

Category: config

Description

The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

Common consequences · 5

  • Confidentiality — Read Application Data
  • Confidentiality — Read Memory
  • Authorization — Execute Unauthorized Code or Commands
  • Integrity — Modify Memory
  • Integrity — Modify Application Data

Potential mitigations · 1

  • [Architecture and Design] If feasible, the manufacturer should disable the JTAG interface or implement authentication and authorization for the JTAG interface. If authentication logic is added, it should be resistant to timing attacks. Security-sensitive data stored in registers, such as keys, should be cleared when entering debug mode.
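
The two properties named in the mitigation (a timing-resistant check and clearing key registers on debug entry), shown as an added C model that is not part of the MITRE entry. The `struct chip` layout, the function names and the sample password are assumptions constructed for illustration; on a real part this logic lives in hardware or boot ROM.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define UNLOCK_LEN 16
#define KEY_REGS   32

/* Hypothetical model of chip state (names are assumptions, not a real part). */
struct chip {
    uint8_t unlock_secret[UNLOCK_LEN];   /* provisioned debug password */
    volatile uint8_t key_regs[KEY_REGS]; /* security-sensitive key material */
    int debug_enabled;
};

/* No early exit: every byte is examined, so run time does not depend on
 * how many leading bytes of a guess were correct. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Opens debug only for the correct password, and zeroes the key registers
 * before the debug flag is set. Returns 1 on success, 0 otherwise. */
int debug_unlock(struct chip *c, const uint8_t *presented, size_t len)
{
    uint8_t buf[UNLOCK_LEN] = {0};
    memcpy(buf, presented, len < UNLOCK_LEN ? len : UNLOCK_LEN);
    int ok = ct_equal(buf, c->unlock_secret, UNLOCK_LEN) & (len == UNLOCK_LEN);
    if (!ok)
        return 0;
    for (size_t i = 0; i < KEY_REGS; i++)
        c->key_regs[i] = 0;
    c->debug_enabled = 1;
    return 1;
}

int main(void)
{
    struct chip c = { .unlock_secret = "constructed-pw!", .key_regs = {0xA5} };
    int bad  = debug_unlock(&c, (const uint8_t *)"constructed-pw?", UNLOCK_LEN);
    int good = debug_unlock(&c, (const uint8_t *)"constructed-pw!", UNLOCK_LEN);
    printf("wrong=%d right=%d key_regs[0]=0x%02x\n", bad, good, c.key_regs[0]);
    return 0;
}
```

A failed attempt leaves both the debug flag and the key registers untouched; only the success path clears the keys, and it does so before debug access opens.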

Related CAPEC attack patterns · 2

CAPEC-1, CAPEC-180

References

  1. https://cwe.mitre.org/data/definitions/1191.html

Exploits (incoming) · 2

Type | Target | Confidence | Tier
AttackPattern | Accessing Functionality Not Properly Constrained by ACLs (capec-1) | 100% | live
AttackPattern | Exploiting Incorrectly Configured Access Control Security Levels (capec-180) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Improper Access Control for Register Interface
  • CWE: Internal Asset Exposed to Unsafe Debug Access Level or State
  • CWE: Improper Restriction of Software Interfaces to Hardware Features
  • CWE: Improper Prevention of Lock Bit Modification
  • CWE: Insufficient Granularity of Address Regions Protected by Register Locks
  • CWE: Improper Access Control for Volatile Memory Containing Boot Code

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.