ClassIncomplete

CWE-1294Insecure Security Identifier Mechanism

Category: other

Description

The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented.

Common consequences· 1

  • Confidentiality / Integrity / Availability / Access Control — Modify Memory, Read Memory, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Quality Degradation

Potential mitigations· 2

  • [Architecture and Design]Security Identifier Decoders must be reviewed for design inconsistency and common weaknesses.
  • [Implementation]Access and programming flows must be tested in pre-silicon and post-silicon testing.

Related CAPEC attack patterns· 2

CAPEC-121CAPEC-681

References

  1. https://cwe.mitre.org/data/definitions/1294.html

Exploits (incoming)2

TypeTargetConfidenceTier
AttackPatternExploit Non-Production Interfacescapec-121100%live
AttackPatternExploitation of Improperly Controlled Hardware Security Identifierscapec-681100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)
CWE
Improper Identifier for IP Block used in System-On-Chip (SOC)
CWE
Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
CWE
Improper Restriction of Security Token Assignment
CWE
Semiconductor Defects in Hardware Logic with Security-Sensitive Implications
CWE
Incorrect Decoding of Security Identifiers
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.