
Byte Open Security

(ByteOS Network)

CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
Attack Pattern ID: 1
Version: v3.9
Attack Pattern Name: Accessing Functionality Not Properly Constrained by ACLs
Abstraction: Standard
Status: Draft
Likelihood of Attack: High
Typical Severity: High
16 Weaknesses found

CWE-1191
On-Chip Debug and Test Interface With Improper Access Control
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 12 CVEs

The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

Impacts: Modify Memory; Read Memory; Modify Application Data; Execute Unauthorized Code or Commands; Bypass Protection Mechanism; Read Application Data
Tags: Separation of Privilege; Execute Unauthorized Code or Commands (impact); Bypass Protection Mechanism (impact); Modify Application Data (impact); Read Memory (impact); Read Application Data (impact); Modify Memory (impact)
As Seen In: 2021 CWE Most Important Hardware List
CWE-1193
Power-On of Untrusted Execution Core Before Enabling Fabric Access Control
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 0 CVEs

The product enables components that contain untrusted firmware before memory and fabric access controls have been enabled.

Impacts: Bypass Protection Mechanism
Tags: Bypass Protection Mechanism (impact)
As Seen In: Not Available
CWE-1220
Insufficient Granularity of Access Control
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 57 CVEs

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

Impacts: Modify Memory; Read Memory; Gain Privileges or Assume Identity; Other; Execute Unauthorized Code or Commands; Bypass Protection Mechanism
Tags: Execute Unauthorized Code or Commands (impact); Other (impact); Bypass Protection Mechanism (impact); Read Memory (impact); Modify Memory (impact); Gain Privileges or Assume Identity (impact)
As Seen In: Not Available
CWE-1297
Unprotected Confidential Information on Device is Accessible by OSAT Vendors
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 0 CVEs

The product does not adequately protect confidential information on the device from being accessed by Outsourced Semiconductor Assembly and Test (OSAT) vendors.

Impacts: Modify Memory; Gain Privileges or Assume Identity; Execute Unauthorized Code or Commands; Modify Files or Directories; Bypass Protection Mechanism
Tags: VHDL; Verilog; Processor Hardware; Execute Unauthorized Code or Commands (impact); Bypass Protection Mechanism (impact); Modify Files or Directories (impact); Modify Memory (impact); Gain Privileges or Assume Identity (impact)
As Seen In: Not Available
CWE-1311
Improper Translation of Security Attributes by Fabric Bridge
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 0 CVEs

The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another.

Impacts: Modify Memory; Read Memory; Gain Privileges or Assume Identity; Execute Unauthorized Code or Commands; Bypass Protection Mechanism
Tags: VHDL; Verilog; Execute Unauthorized Code or Commands (impact); Bypass Protection Mechanism (impact); Read Memory (impact); Modify Memory (impact); Gain Privileges or Assume Identity (impact)
As Seen In: Not Available
CWE-1314
Missing Write Protection for Parametric Data Values
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 0 CVEs

The device does not write-protect the parametric data values for sensors that scale the sensor value, allowing untrusted software to manipulate the apparent result and potentially damage hardware or cause operational failure.

Impacts: DoS: Resource Consumption (Other); Quality Degradation
Tags: Sensor Hardware; Quality Degradation (impact); DoS: Resource Consumption (Other) (impact)
As Seen In: Not Available
CWE-1315
Improper Setting of Bus Controlling Capability in Fabric End-point
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 0 CVEs

The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric.

Impacts: Modify Memory; Read Memory; Bypass Protection Mechanism
Tags: Bypass Protection Mechanism (impact); Read Memory (impact); Modify Memory (impact)
As Seen In: Not Available
CWE-1318
Missing Support for Security Features in On-chip Fabrics or Buses
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 0 CVEs

On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control.

Impacts: Modify Memory; Read Memory; DoS: Crash, Exit, or Restart
Tags: Processor Hardware; Read Memory (impact); DoS: Crash, Exit, or Restart (impact); Modify Memory (impact)
As Seen In: Not Available
CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 6 CVEs

Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts.

Impacts: Unexpected State; DoS: Crash, Exit, or Restart; DoS: Instability; Reduce Reliability
Tags: Memory Hardware; Microcontroller Hardware; Power Management Hardware; Processor Hardware; Test/Debug Hardware; Sensor Hardware; System on Chip (technology class); Unexpected State (impact); Reduce Reliability (impact); DoS: Crash, Exit, or Restart (impact); DoS: Instability (impact)
As Seen In: Not Available
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Variant
Found in 391 CVEs

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

Impacts: DoS: Crash, Exit, or Restart; Modify Application Data
Tags: JavaScript; Input Validation; Modify Application Data (impact); DoS: Crash, Exit, or Restart (impact)
As Seen In: Not Available
CWE-1327
Binding to an Unrestricted IP Address
Likelihood of Exploit: Not Available
Mapping: Allowed
Abstraction: Base
Found in 10 CVEs

The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely.

Impacts: DoS: Amplification
Tags: Other; Web Server; Firewall; Client Server (technology class); Cloud Computing (technology class); DoS: Amplification (impact)
As Seen In: Not Available
CWE-276
Incorrect Default Permissions
Likelihood of Exploit: Medium
Mapping: Allowed
Abstraction: Base
Found in 1350 CVEs

During installation, installed file permissions are set to allow anyone to modify those files.

Impacts: Modify Application Data; Read Application Data
Tags: Medium exploit; Separation of Privilege; ICS/OT (technology class); Modify Application Data (impact); Read Application Data (impact)
As Seen In: 2021 CWE Top 25 Most Dangerous Software; 2022 CWE Top 25 Most Dangerous Software; 2023 CWE Top 25 Most Dangerous Software
CWE-285
Improper Authorization
Likelihood of Exploit: High
Mapping: Discouraged
Abstraction: Class
Found in 830 CVEs

The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.

Impacts: Gain Privileges or Assume Identity; Modify Application Data; Modify Files or Directories; Read Files or Directories; Read Application Data
Tags: Web Server; Database Server; High exploit; Libraries or Frameworks; Modify Application Data (impact); Read Files or Directories (impact); Modify Files or Directories (impact); Read Application Data (impact); Gain Privileges or Assume Identity (impact)
As Seen In: Not Available
CWE-434
Unrestricted Upload of File with Dangerous Type
Likelihood of Exploit: Medium
Mapping: Allowed
Abstraction: Base
Found in 3353 CVEs

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Impacts: Execute Unauthorized Code or Commands
Tags: ASP.NET; Web Server; Medium exploit; Environment Hardening; Sandbox or Jail; Input Validation; Enforcement by Conversion; Execute Unauthorized Code or Commands (impact)
As Seen In: 2019 CWE Top 25 Most Dangerous Software Errors; 2021 CWE Top 25 Most Dangerous Software; CISQ Data Protection Measures; 2020 CWE Top 25 Most Dangerous Software; 2022 CWE Top 25 Most Dangerous Software; 2023 CWE Top 25 Most Dangerous Software; 2024 CWE Top 25 Most Dangerous Software; CWE Cross-section
CWE-693
Protection Mechanism Failure
Likelihood of Exploit: Not Available
Mapping: Discouraged
Abstraction: Pillar
Found in 298 CVEs

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

Impacts: Bypass Protection Mechanism
Tags: ICS/OT (technology class); Bypass Protection Mechanism (impact)
As Seen In: Research Concepts
CWE-732
Incorrect Permission Assignment for Critical Resource
Likelihood of Exploit: High
Mapping: Allowed-with-Review
Abstraction: Class
Found in 1470 CVEs

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Impacts: Gain Privileges or Assume Identity; Other; Modify Application Data; Read Files or Directories; Read Application Data
Tags: High exploit; Environment Hardening; Sandbox or Jail; Cloud Computing (technology class); Other (impact); Modify Application Data (impact); Read Files or Directories (impact); Read Application Data (impact); Gain Privileges or Assume Identity (impact)
As Seen In: 2019 CWE Top 25 Most Dangerous Software Errors; 2021 CWE Top 25 Most Dangerous Software; CISQ Data Protection Measures; 2020 CWE Top 25 Most Dangerous Software; Simplified Mapping of Published Vulnerabilities; CWE Cross-section