CWE-1294
Insecure Security Identifier Mechanism
Description
The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented.
Systems-On-Chip (Integrated circuits and hardware engines) implement Security Identifiers to differentiate/identify actions originated from various agents. These actions could be 'read', 'write', 'program', 'reset', 'fetch', 'compute', etc. Security identifiers are generated and assigned to every agent in the System (SoC) that is either capable of generating an action or receiving an action from another agent. Every agent could be assigned a unique Security Identifier based on its trust level or privileges.

A broad class of flaws can exist in the Security Identifier process, including but not limited to missing security identifiers, improper conversion of security identifiers, incorrect generation of security identifiers, etc.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
Modify Memory, Read Memory, DoS: Resource Consumption (Other), Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Quality Degradation
Potential Mitigations
Security Identifier Decoders must be reviewed for design inconsistency and common weaknesses.
Access and programming flows must be tested in pre-silicon and post-silicon testing.
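As an added example (not part of the CWE entry), the C model below shows the kind of exhaustive check a pre-silicon test of a Security Identifier conversion could run: a bridge that truncates a 4-bit identifier to 2 bits is compared with a table-based conversion, and every source identifier is checked for actions it gains. The identifier widths, agent assignments, policies and function names are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model: ID widths, agents and policies are assumptions. */
enum { ACT_READ = 1, ACT_WRITE = 2, ACT_PROGRAM = 4 };

/* Source fabric: 4-bit Security Identifier -> allowed actions.
 * Entries left at 0 are identifiers that were never assigned. */
static const uint8_t src_policy[16] = {
    [0x1] = ACT_READ | ACT_WRITE | ACT_PROGRAM, /* boot engine   */
    [0x2] = ACT_READ | ACT_WRITE,               /* application   */
    [0x5] = ACT_READ,                           /* debug port    */
    [0x9] = ACT_READ,                           /* untrusted DMA */
};
/* Destination fabric: 2-bit Security Identifier; 0 is deny-all. */
static const uint8_t dst_policy[4] = {
    [0] = 0, [1] = ACT_READ | ACT_WRITE | ACT_PROGRAM,
    [2] = ACT_READ | ACT_WRITE, [3] = ACT_READ,
};

/* Improper conversion: keeps the low two bits, so 0x5 and 0x9 both
 * become 1 and inherit the boot engine's privileges. */
uint8_t convert_truncate(uint8_t sid) { return sid & 0x3; }

/* Explicit conversion: each assigned ID is mapped by hand and any
 * unassigned ID falls through to the deny-all identifier. */
uint8_t convert_table(uint8_t sid) {
    switch (sid & 0xF) {
    case 0x1: return 1;
    case 0x2: return 2;
    case 0x5: case 0x9: return 3;
    default:  return 0;
    }
}

/* Walk all 16 source IDs and count those whose converted ID grants
 * an action that the source policy does not allow. */
int count_escalations(uint8_t (*convert)(uint8_t)) {
    int bad = 0;
    for (unsigned sid = 0; sid < 16; sid++) {
        uint8_t granted = dst_policy[convert((uint8_t)sid) & 0x3];
        uint8_t extra = granted & (uint8_t)~src_policy[sid];
        if (extra) {
            printf("SID 0x%X gains action mask 0x%X\n", sid, (unsigned)extra);
            bad++;
        }
    }
    return bad;
}
```

The same loop also catches missing identifiers: an unassigned source ID has an empty policy, so any action the conversion grants it is reported.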
Applicable Platforms