Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-180:Exploiting Incorrectly Configured Access Control Security Levels
Attack Pattern ID:180
Version:v3.9
Attack Pattern Name:Exploiting Incorrectly Configured Access Control Security Levels
Abstraction:Standard
Status:Draft
Likelihood of Attack:High
Typical Severity:Medium
DetailsContent HistoryRelated WeaknessesReports
13Weaknesses found
CWE-1190
DMA Device Enabled Too Early in Boot Phase
ShareView Details
DMA Device Enabled Too Early in Boot Phase
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in1CVEs

The product enables a Direct Memory Access (DMA) capable device before the security configuration settings are established, which allows an attacker to extract data from or gain privileges on the product.

Impacts-
Modify MemoryBypass Protection Mechanism
Tags-
System on Chip (technology class)Bypass Protection Mechanism (impact)Modify Memory (impact)
As Seen In-
Not Available
CWE-1191
On-Chip Debug and Test Interface With Improper Access Control
ShareView Details
On-Chip Debug and Test Interface With Improper Access Control
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in12CVEs

The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.

Impacts-
Read Application DataExecute Unauthorized Code or CommandsModify MemoryBypass Protection MechanismRead MemoryModify Application Data
Tags-
Separation of PrivilegeExecute Unauthorized Code or Commands (impact)Bypass Protection Mechanism (impact)Modify Application Data (impact)Read Memory (impact)Read Application Data (impact)Modify Memory (impact)
As Seen In-
2021 CWE Most Important Hardware List
CWE-1193
Power-On of Untrusted Execution Core Before Enabling Fabric Access Control
ShareView Details
Power-On of Untrusted Execution Core Before Enabling Fabric Access Control
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in0CVEs

The product enables components that contain untrusted firmware before memory and fabric access controls have been enabled.

Impacts-
Bypass Protection Mechanism
Tags-
Bypass Protection Mechanism (impact)
As Seen In-
Not Available
CWE-1220
Insufficient Granularity of Access Control
ShareView Details
Insufficient Granularity of Access Control
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in57CVEs

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.

Impacts-
OtherExecute Unauthorized Code or CommandsModify MemoryGain Privileges or Assume IdentityBypass Protection MechanismRead Memory
Tags-
Execute Unauthorized Code or Commands (impact)Other (impact)Bypass Protection Mechanism (impact)Read Memory (impact)Modify Memory (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
Not Available
CWE-1268
Policy Privileges are not Assigned Consistently Between Control and Data Agents
ShareView Details
Policy Privileges are not Assigned Consistently Between Control and Data Agents
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in0CVEs

The product's hardware-enforced access control for a particular resource improperly accounts for privilege discrepancies between control and write policies.

Impacts-
DoS: Crash, Exit, or RestartExecute Unauthorized Code or CommandsReduce ReliabilityModify MemoryGain Privileges or Assume IdentityBypass Protection MechanismRead MemoryRead Files or Directories
Tags-
Execute Unauthorized Code or Commands (impact)Bypass Protection Mechanism (impact)Reduce Reliability (impact)Read Files or Directories (impact)Read Memory (impact)DoS: Crash, Exit, or Restart (impact)Modify Memory (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
Not Available
CWE-1280
Access Control Check Implemented After Asset is Accessed
ShareView Details
Access Control Check Implemented After Asset is Accessed
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in0CVEs

A product's hardware-based access control check occurs after the asset has been accessed.

Impacts-
Read Application DataModify MemoryGain Privileges or Assume IdentityBypass Protection MechanismRead MemoryModify Application Data
Tags-
VHDLVerilogBypass Protection Mechanism (impact)Modify Application Data (impact)Read Memory (impact)Read Application Data (impact)Modify Memory (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
Not Available
CWE-1297
Unprotected Confidential Information on Device is Accessible by OSAT Vendors
ShareView Details
Unprotected Confidential Information on Device is Accessible by OSAT Vendors
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in0CVEs

The product does not adequately protect confidential information on the device from being accessed by Outsourced Semiconductor Assembly and Test (OSAT) vendors.

Impacts-
Execute Unauthorized Code or CommandsModify MemoryGain Privileges or Assume IdentityBypass Protection MechanismModify Files or Directories
Tags-
VHDLVerilogProcessor HardwareExecute Unauthorized Code or Commands (impact)Bypass Protection Mechanism (impact)Modify Files or Directories (impact)Modify Memory (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
Not Available
CWE-1311
Improper Translation of Security Attributes by Fabric Bridge
ShareView Details
Improper Translation of Security Attributes by Fabric Bridge
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in0CVEs

The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another.

Impacts-
Execute Unauthorized Code or CommandsModify MemoryGain Privileges or Assume IdentityBypass Protection MechanismRead Memory
Tags-
VHDLVerilogExecute Unauthorized Code or Commands (impact)Bypass Protection Mechanism (impact)Read Memory (impact)Modify Memory (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
Not Available
CWE-1315
Improper Setting of Bus Controlling Capability in Fabric End-point
ShareView Details
Improper Setting of Bus Controlling Capability in Fabric End-point
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in0CVEs

The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric.

Impacts-
Modify MemoryBypass Protection MechanismRead Memory
Tags-
Bypass Protection Mechanism (impact)Read Memory (impact)Modify Memory (impact)
As Seen In-
Not Available
CWE-1318
Missing Support for Security Features in On-chip Fabrics or Buses
ShareView Details
Missing Support for Security Features in On-chip Fabrics or Buses
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in0CVEs

On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control.

Impacts-
Modify MemoryRead MemoryDoS: Crash, Exit, or Restart
Tags-
Processor HardwareRead Memory (impact)DoS: Crash, Exit, or Restart (impact)Modify Memory (impact)
As Seen In-
Not Available
CWE-1320
Improper Protection for Outbound Error Messages and Alert Signals
ShareView Details
Improper Protection for Outbound Error Messages and Alert Signals
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Base
Found in6CVEs

Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts.

Impacts-
Reduce ReliabilityDoS: InstabilityUnexpected StateDoS: Crash, Exit, or Restart
Tags-
Memory HardwareMicrocontroller HardwarePower Management HardwareProcessor HardwareTest/Debug HardwareSensor HardwareSystem on Chip (technology class)Unexpected State (impact)Reduce Reliability (impact)DoS: Crash, Exit, or Restart (impact)DoS: Instability (impact)
As Seen In-
Not Available
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
ShareView Details
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Likelihood of Exploit-Not Available
Mapping-Allowed
Abstraction-Variant
Found in391CVEs

The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.

Impacts-
DoS: Crash, Exit, or RestartModify Application Data
Tags-
JavaScriptInput ValidationModify Application Data (impact)DoS: Crash, Exit, or Restart (impact)
As Seen In-
Not Available
CWE-732
Incorrect Permission Assignment for Critical Resource
ShareView Details
Incorrect Permission Assignment for Critical Resource
Likelihood of Exploit-High
Mapping-Allowed-with-Review
Abstraction-Class
Found in1476CVEs

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Impacts-
Read Application DataOtherGain Privileges or Assume IdentityRead Files or DirectoriesModify Application Data
Tags-
High exploitEnvironment HardeningSandbox or JailCloud Computing (technology class)Other (impact)Modify Application Data (impact)Read Files or Directories (impact)Read Application Data (impact)Gain Privileges or Assume Identity (impact)
As Seen In-
2019 CWE Top 25 Most Dangerous Software Errors2021 CWE Top 25 Most Dangerous SoftwareCISQ Data Protection Measures2020 CWE Top 25 Most Dangerous SoftwareSimplified Mapping of Published VulnerabilitiesCWE Cross-section