CWE-1315 – Improper Setting of Bus Controlling Capability in Fabric End-point
Description: The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric. Modes of Introduction: - Architecture...
CWE-1314 – Missing Write Protection for Parametric Data Values
Description: The device does not write-protect the parametric data values for sensors that scale the sensor value, allowing untrusted software to manipulate the apparent result...
CWE-1313 – Hardware Allows Activation of Test or Debug Logic at Runtime
Description: During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This...
CWE-1312 – Missing Protection for Mirrored Regions in On-Chip Fabric Firewall
Description: The firewall in an on-chip fabric protects the main addressed region, but it does not protect any mirrored memory or memory-mapped-IO (MMIO) regions. Modes...
CWE-1311 – Improper Translation of Security Attributes by Fabric Bridge
Description: The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another....
CWE-1310 – Missing Ability to Patch ROM Code
Description: Missing an ability to patch ROM code may leave a System or System-on-Chip (SoC) in a vulnerable state. Modes of Introduction: - Architecture and...
CWE-131 – Incorrect Calculation of Buffer Size
Description: The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow. Modes of...
CWE-1304 – Improperly Preserved Integrity of Hardware Configuration State During a Power Save/Restore Operation
Description: The product performs a power save/restore operation, but it does not ensure that the integrity of the configuration state is maintained and/or verified between...
CWE-1303 – Non-Transparent Sharing of Microarchitectural Resources
Description: Hardware structures shared across execution contexts (e.g., caches and branch predictors) can violate the expected architecture isolation between contexts. Modes of Introduction: - Architecture...
CWE-1302 – Missing Security Identifier
Description: The product implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. A transaction...