Read Time:33 Second
Description
The product implements a conversion mechanism to map certain bus-transaction signals to security identifiers. However, if the conversion is incorrectly implemented, untrusted agents can gain unauthorized access to the asset.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality, Integrity, Availability, Access Control: Modify Memory, Read Memory, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Quality Degradation
Potential Mitigations
Phase: Architecture and Design
Description:
Security identifier decoders must be reviewed for design inconsistency and common weaknesses.
Phase: Implementation
Description:
Access and programming flows must be tested in pre-silicon and post-silicon testing.