CWE-1190 – DMA Device Enabled Too Early in Boot Phase


Description

The product enables a Direct Memory Access (DMA) capable device before the security configuration settings are established, which allows an attacker to extract data from or gain privileges on the product.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-696

 

Consequences

Access Control: Bypass Protection Mechanism, Modify Memory

DMA devices have direct write access to main memory and,
because the attack occurs this early in boot, can bypass
OS or bootloader access control.

 

Potential Mitigations

Phase: Architecture and Design

Description: Utilize an IOMMU to orchestrate IO access from the start of the boot process.
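
Added example (not part of the CWE entry): a small C model of the mitigation above, contrasting the weak boot order with one that configures the IOMMU before Bus Master is set. The platform struct, function names and page numbers are hypothetical; only the PCI Command register's Bus Master bit (bit 2) is a real hardware detail.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#define PCI_COMMAND_BUS_MASTER 0x0004u /* bit 2 of the PCI Command register */
#define MEM_PAGES 8
#define DMA_BUF_PAGE 1 /* constructed: the only page the device may touch */

struct platform { /* simulated platform; all names are hypothetical */
    bool iommu_enabled, iommu_allow[MEM_PAGES];
    uint16_t dev_command;   /* device's PCI Command register */
    uint8_t mem[MEM_PAGES]; /* one byte stands in for each page */
};

/* Device-initiated write; returns true if memory was modified. */
bool dma_write(struct platform *p, size_t page, uint8_t val) {
    if (page >= MEM_PAGES || !(p->dev_command & PCI_COMMAND_BUS_MASTER)) return false;
    if (p->iommu_enabled && !p->iommu_allow[page]) return false; /* IOMMU fault */
    p->mem[page] = val; /* IOMMU off, or page mapped: the write lands */
    return true;
}

/* Program a default-deny table with one DMA buffer page, then enable translation. */
void iommu_setup(struct platform *p) {
    for (size_t i = 0; i < MEM_PAGES; i++) p->iommu_allow[i] = (i == DMA_BUF_PAGE);
    p->iommu_enabled = true;
}

/* Guarded enable: refuse to set Bus Master until the IOMMU is active. */
bool enable_dma_guarded(struct platform *p) {
    if (!p->iommu_enabled) return false;
    p->dev_command |= PCI_COMMAND_BUS_MASTER;
    return true;
}

/* CWE-1190 order: device enabled first. Returns true if the protected page was overwritten. */
bool boot_weak(struct platform *p, size_t protected_page) {
    p->dev_command |= PCI_COMMAND_BUS_MASTER;
    bool hit = dma_write(p, protected_page, 0xAA); /* window before the IOMMU is up */
    iommu_setup(p);
    return hit;
}

/* Mitigated order: IOMMU first, then the guarded enable. */
bool boot_hardened(struct platform *p, size_t protected_page) {
    enable_dma_guarded(p); /* refused: IOMMU not configured yet */
    bool hit = dma_write(p, protected_page, 0xAA); /* blocked: not a bus master */
    iommu_setup(p);
    enable_dma_guarded(p);
    return hit || dma_write(p, protected_page, 0xAA); /* blocked: page not mapped */
}
```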

CVE References