Privilege Separation and Access Control Issues

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to features and mechanisms providing hardware-based isolation and access control (e.g., identity, policy, locking control) of sensitive shared hardware resources such as registers and fuses.

Weaknesses

Access Control Check Implemented After Asset is Accessed

A product's hardware-based access control check occurs after the asset has been accessed.

Improper Handling of Overlap Between Protected Memory Ranges

The product allows address regions to overlap, which can result in the bypassing of intended memory protection.

Improper Isolation of Shared Resources on System-on-a-Chip (SoC)

The product does not properly isolate shared resources between trusted and untrusted agents.

Inclusion of Undocumented Features or Chicken Bits

The device includes chicken bits or undocumented features that can create entry points for unauthorized actors.

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

Insecure Security Identifier Mechanism

The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entit...

Insufficient Granularity of Access Control

The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system fro...

Missing Protection Mechanism for Alternate Hardware Interface

The lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external ...

Missing Security Identifier

The product implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. A transact...

Missing Support for Security Features in On-chip Fabrics or Buses

On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control.

Missing Write Protection for Parametric Data Values

The device does not write-protect the parametric data values for sensors that scale the sensor value, allowing untrusted software to manipulate the apparent result and...

Non-Transparent Sharing of Microarchitectural Resources

Hardware structures shared across execution contexts (e.g., caches and branch predictors) can violate the expected architecture isolation between contexts.

Policy Privileges are not Assigned Consistently Between Control and Data Agents

The product's hardware-enforced access control for a particular resource improperly accounts for privilege discrepancies between control and write policies.

Policy Uses Obsolete Encoding

The product uses an obsolete encoding mechanism to implement access controls.

Register Interface Allows Software Access to Sensitive Data or Security Settings

Memory-mapped registers provide access to hardware functionality from software and if not properly secured can result in loss of confidentiality and integrity.

System-on-Chip (SoC) Using Components without Unique, Immutable Identifiers

The System-on-Chip (SoC) does not have unique, immutable identifiers for each of its components.

Unauthorized Error Injection Can Degrade Hardware Redundancy

An unauthorized agent can inject errors into a redundant block to deprive the system of redundancy or put the system in a degraded operating mode.

Unintended Proxy or Intermediary ('Confused Deputy')

The product receives a request, message, or directive from an upstream component, but the product does not sufficiently preserve the original source of the request bef...

Concepts

Hardware Design

This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectiv...


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.