BaseIncomplete

CWE-1318Missing Support for Security Features in On-chip Fabrics or Buses

Category: other

Description

On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control.

Common consequences· 1

  • Confidentiality / Integrity / Access Control / Availability — DoS: Crash, Exit, or Restart, Read Memory, Modify Memory

Potential mitigations· 1

  • [Architecture and Design]If fabric does not support security features, implement security checks in a bridge or any component that is between the master and the fabric. Alternatively, connect all fabric slaves that do not have any security assets under one such fabric and connect peripherals with security assets to a different fabric that supports security features.

Related CAPEC attack patterns· 2

CAPEC-1CAPEC-180

References

  1. https://cwe.mitre.org/data/definitions/1318.html

Exploits (incoming)2

TypeTargetConfidenceTier
AttackPatternAccessing Functionality Not Properly Constrained by ACLscapec-1100%live
AttackPatternExploiting Incorrectly Configured Access Control Security Levelscapec-180100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
CWE
Improper Isolation of Shared Resources on System-on-a-Chip (SoC)
CWE
Power-On of Untrusted Execution Core Before Enabling Fabric Access Control
CWE
Missing Protection Mechanism for Alternate Hardware Interface
CWE
On-Chip Debug and Test Interface With Improper Access Control
CWE
Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.