Tag Archives: CWE-1268

CWE-1268 – Policy Privileges are not Assigned Consistently Between Control and Data Agents


Description

The product’s hardware-enforced access control for a particular resource improperly accounts for privilege discrepancies between control and write policies.

Modes of Introduction:

– Architecture and Design

Related Weaknesses

CWE-284

Consequences

Scope: Confidentiality, Integrity, Availability, Access Control

Impact: Modify Memory; Read Memory; DoS: Crash, Exit, or Restart; Execute Unauthorized Code or Commands; Gain Privileges or Assume Identity; Bypass Protection Mechanism; Read Files or Directories; Reduce Reliability

Potential Mitigations

Phase: Architecture and Design, Implementation

Description: Access-control-policy definition and programming flow must be sufficiently tested in pre-silicon and post-silicon testing.

CVE References