CWE•Class•Incomplete•0 recent CVEs
CWE-1294Insecure Security Identifier Mechanism
Description
The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented.
[object Object]
Common consequences
- Confidentiality,Integrity,Availability,Access Control→Modify Memory,Read Memory,DoS: Resource Consumption (Other),Execute Unauthorized Code or Commands,Gain Privileges or Ass
Potential mitigations
- Architecture and DesignSecurity Identifier Decoders must be reviewed for design inconsistency and common weaknesses.
- ImplementationAccess and programming flows must be tested in pre-silicon and post-silicon testing.