CWE-1315 – Improper Setting of Bus Controlling Capability in Fabric End-point
Description The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric. Modes of Introduction: - Architecture...
CWE-1316 – Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
Description The address map of the on-chip fabric has protected and unprotected regions overlapping, allowing an attacker to bypass access control to the overlapping portion...
CWE-1317 – Missing Security Checks in Fabric Bridge
Description A bridge that is connected to a fabric without security features forwards transactions to the slave without checking the privilege level of the master....
CWE-1318 – Missing Support for Security Features in On-chip Fabrics or Buses
Description On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control....
CWE-1319 – Improper Protection against Electromagnetic Fault Injection (EM-FI)
Description The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed. Modes of...
CWE-132 – DEPRECATED: Miscalculated Null Termination
Description This entry has been deprecated because it was a duplicate of CWE-170. All content has been transferred to CWE-170. Modes of Introduction: ...
CWE-1320 – Improper Protection for Out of Bounds Signal Level Alerts
Description Untrusted agents can disable alerts about signal conditions exceeding limits or the response mechanism that handles such alerts. Modes of Introduction: - Architecture and...
CWE-1321 – Improperly Controlled Modification of Object Prototype Attributes (‘Prototype Pollution’)
Description The software receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does...
CWE-1322 – Use of Blocking Code in Single-threaded, Non-blocking Context
Description The product uses a non-blocking model that relies on a single threaded process for features such as scalability, but it contains code that can...
CWE-1323 – Improper Management of Sensitive Trace Data
Description Trace data collected from several sources on the System-on-Chip (SoC) is stored in unprotected locations or transported to untrusted agents. Modes of Introduction: -...