BaseIncomplete
CWE-1315Improper Setting of Bus Controlling Capability in Fabric End-point
Category: other
Description
The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric.
Common consequences· 1
- Access Control — Modify Memory, Read Memory, Bypass Protection Mechanism
Potential mitigations· 3
- [Architecture and Design]For responder devices, the register bit in the fabric end-point that enables the bus controlling capability must be set to 0 by default. This bit should not be set during secure-boot flows. Also, writes to this register must be access-protected to prevent malicious modifications to obtain bus-controlling capability.
- [Implementation]For responder devices, the register bit in the fabric end-point that enables the bus controlling capability must be set to 0 by default. This bit should not be set during secure-boot flows. Also, writes to this register must be access-protected to prevent malicious modifications to obtain bus-controlling capability.
- [System Configuration]For responder devices, the register bit in the fabric end-point that enables the bus controlling capability must be set to 0 by default. This bit should not be set during secure-boot flows. Also, writes to this register must be access-protected to prevent malicious modifications to obtain bus-controlling capability.
Related CAPEC attack patterns· 2
References
Exploits (incoming)2
| Type | Target | Confidence | Tier |
|---|---|---|---|
| AttackPattern | Accessing Functionality Not Properly Constrained by ACLscapec-1 | 100% | live |
| AttackPattern | Exploiting Incorrectly Configured Access Control Security Levelscapec-180 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.