Peripherals, On-chip Fabric, and Interface/IO Problems

A category in the Common Weakness Enumeration published by The MITRE Corporation.


Summary

Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.

Weaknesses in this category are related to hardware security problems that apply to peripheral devices, IO interfaces, on-chip interconnects, network-on-chip (NoC), and buses. For example, this category includes issues related to design of hardware interconnect and/or protocols such as PCIe, USB, SMBUS, general-purpose IO pins, and user-input peripherals such as mouse and keyboard.

Weaknesses

Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges

The address map of the on-chip fabric has protected and unprotected regions overlapping, allowing an attacker to bypass access control to the overlapping portion of th...

Improper Isolation of Shared Resources in Network On Chip

The product does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating...

Improper Protection against Electromagnetic Fault Injection (EM-FI)

The device is susceptible to electromagnetic fault injection attacks, causing device internal information to be compromised or security mechanisms to be bypassed.

Improper Setting of Bus Controlling Capability in Fabric End-point

The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric.

Improper Translation of Security Attributes by Fabric Bridge

The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another.

Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

The firewall in an on-chip fabric protects the main addressed region, but it does not protect any mirrored memory or memory-mapped-IO (MMIO) regions.

Missing Security Checks in Fabric Bridge

A bridge that is connected to a fabric without security features forwards transactions to the slave without checking the privilege level of the master. Similarly, it ...

Concepts

Hardware Design

This view organizes weaknesses around concepts that are frequently used or encountered in hardware design. Accordingly, this view can align closely with the perspectiv...


Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.