CWE-1193

Power-On of Untrusted Execution Core Before Enabling Fabric Access Control

AI Translation Available

The product enables components that contain untrusted firmware before memory and fabric access controls have been enabled.

Status

draft

Abstraction

base

Affected Platforms

System on Chip

Extended Description

AI Translation

After initial reset, System-on-Chip (SoC) fabric access controls and other security features need to be programmed by trusted firmware as part of the boot sequence. If untrusted IPs or peripheral microcontrollers are enabled first, then the untrusted component can master transactions on the hardware bus and target memory or other assets to compromise the SoC boot firmware.

Technical Details

AI Translation

Common Consequences

access control

Impacts

bypass protection mechanism

Potential Mitigations

Phases:

architecture and design

Descriptions:

• The boot sequence should enable fabric access controls and memory protections before enabling third-party hardware IPs and peripheral microcontrollers that use untrusted firmware.

AI Generated Translation

Common Consequences

controllo degli accessi

Impacts

elusione del meccanismo di protezione

Potential Mitigations

Phases:

architettura e design

Descriptions:

• La sequenza di avvio dovrebbe attivare i controlli di accesso al fabric e le protezioni della memoria prima di abilitare gli IP hardware di terze parti e i microcontrollori periferici che utilizzano firmware non affidabile.

CWE-1193

Common Consequences

Impacts

Potential Mitigations

Common Consequences

Impacts

Potential Mitigations

Iscriviti alla newsletter