CWE-1244 – Internal Asset Exposed to Unsafe Debug Access Level or State

Read Time:50 Second

Description

The product uses physical debug or test
interfaces with support for multiple access levels, but it
assigns the wrong debug access level to an internal asset,
providing unintended access to the asset from untrusted debug
agents.

Modes of Introduction:

– Architecture and Design

 

 

Related Weaknesses

CWE-863

 

Consequences

Confidentiality: Read Memory

Integrity: Modify Memory

Authorization, Access Control: Gain Privileges or Assume Identity, Bypass Protection Mechanism

 

Potential Mitigations

Phase: Architecture and Design, Implementation

Effectiveness: High

Description: 

Phase: Architecture and Design

Effectiveness: Limited

Description: 

Apply blinding [REF-1219] or masking techniques in strategic areas.

Phase: Implementation

Effectiveness: Limited

Description: 

Add shielding or tamper-resistant protections to the device, which increases the difficulty and cost for accessing debug/test interfaces.

CVE References

  • CVE-2019-18827
    • After ROM code execution, JTAG access is disabled. But before the ROM code is executed, JTAG access is possible, allowing a user full system access. This allows a user to modify the boot flow and successfully bypass the secure-boot process.