Read Time:41 Second

Description

The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-653
CWE-668
CWE-1331

 

Consequences

Access Control: Bypass Protection Mechanism

If resources being used by a trusted user are shared with an untrusted user, the untrusted user may be able to modify the functionality of the shared resource of the trusted user.

Integrity: Quality Degradation

The functionality of the shared resource may be intentionally degraded.

 

Potential Mitigations

Phase: Architecture and Design

Description: 

CVE References

  • CVE-2019-6260
    • Baseboard Management Controller (BMC) device implements Advanced High-performance Bus (AHB) bridges that do not require authentication for arbitrary read and write access to the BMC’s physical address space from the host, and possibly the network [REF-1138].