Read Time:30 Second
Description
The product enables a Direct Memory Access (DMA) capable device before the security configuration settings are established, which allows an attacker to extract data from or gain privileges on the product.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Access Control: Bypass Protection Mechanism, Modify Memory
DMA devices have direct write access to main memory and
due to time of attack will be able to bypass OS or Bootloader
access control.
Potential Mitigations
Phase: Architecture and Design
Description:
Utilize an IOMMU to orchestrate IO access from
the start of the boot process.