An adversary takes advantage of missing or incorrectly configured security identifiers (e.g., tokens), which are used for access control within a System-on-Chip (SoC), to read/write data or execute a given action.
A System-on-Chip (SoC) often implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, these mechanisms may be exploitable due to any number of the following:
If the security identifiers leveraged by the SoC are missing or misconfigured, an adversary may be able to take advantage of this shortcoming to circumvent the intended access controls. This could result in the adversary gaining unintended access, performing a Denial of Service (DoS), escalating privileges, or spoofing actions from a trusted agent.
| Nature | Type | ID | Name |
|---|---|---|---|
| ChildOf | S | 1 | Accessing Functionality Not Properly Constrained by ACLs |
| ChildOf | S | 180 | Exploiting Incorrectly Configured Access Control Security Levels |
Ability to execute actions within the SoC.
Intricate knowledge of the identifiers being utilized.
| Scope | Likelihood | Impact | Note |
|---|---|---|---|
| Integrity | N/A | Modify Data | N/A |
| Confidentiality | N/A | Read Data | N/A |
| ConfidentialityAccess ControlAuthorization | N/A | Gain Privileges | N/A |
| ID | Name |
|---|---|
| CWE-1259 | Improper Restriction of Security Token Assignment |
| CWE-1267 | Policy Uses Obsolete Encoding |
| CWE-1270 | Generation of Incorrect Security Tokens |
| CWE-1294 | Insecure Security Identifier Mechanism |
| CWE-1302 | Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC) |
| Taxonomy Name | Entry ID | Entry Name |
|---|