CWE-1262
Improper Access Control for Register Interface
The product uses memory-mapped I/O registers that act as an interface to hardware functionality from software, but there is improper access control to those registers.
Status
stable
Abstraction
base
Affected Platforms
Extended Description
Software commonly accesses peripherals in a System-on-Chip (SoC) or other device through a memory-mapped register interface. Malicious software could tamper with any security-critical hardware data that is accessible directly or indirectly through the register interface, which could lead to a loss of confidentiality and integrity.
Technical Details
Common Consequences
confidentiality
integrity
Impacts
read memory
read application data
modify memory
modify application data
gain privileges or assume identity
bypass protection mechanism
unexpected state
alter execution logic
Detection Methods
manual analysis
simulation / emulation
formal verification
automated analysis
architecture or design review
fuzzing
Potential Mitigations
Phases:
architecture and design
implementation
Descriptions:
• Design proper policies for hardware register access from software.
• Ensure that access control policies for register access are implemented in accordance with the specified design.
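The second mitigation can be checked in simulation by sweeping every register, privilege level and operation and comparing the access decision against the design policy. The C model below is an added example, not part of the CWE entry; the register names, offsets, privilege levels and both decoder functions are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical privilege levels and register map, constructed for this example. */
enum priv { PRIV_USER, PRIV_KERNEL, PRIV_SECURE, PRIV_COUNT };
enum op { OP_READ, OP_WRITE, OP_COUNT };
struct reg_policy { uint32_t off; const char *name; enum priv min_rd, min_wr; };

/* The specified design: minimum privilege per register and per operation. */
static const struct reg_policy design[] = {
    { 0x00, "STATUS", PRIV_USER,   PRIV_KERNEL },
    { 0x04, "CTRL",   PRIV_KERNEL, PRIV_KERNEL },
    { 0x08, "KEY",    PRIV_SECURE, PRIV_SECURE },
    { 0x0C, "LOCK",   PRIV_USER,   PRIV_SECURE },
};
#define NREGS (sizeof design / sizeof design[0])

static bool policy_allows(const struct reg_policy *r, enum priv p, enum op o) {
    return p >= (o == OP_READ ? r->min_rd : r->min_wr);
}
/* Weak decoder: reads are never checked, one threshold covers every write. */
static bool weak_decoder(uint32_t off, enum priv p, enum op o) {
    (void)off;
    return o == OP_READ || p >= PRIV_KERNEL;
}
/* Corrected decoder: looks up the per-register policy, denies unmapped offsets. */
static bool fixed_decoder(uint32_t off, enum priv p, enum op o) {
    for (size_t i = 0; i < NREGS; i++)
        if (design[i].off == off) return policy_allows(&design[i], p, o);
    return false;
}
typedef bool (*decoder_fn)(uint32_t, enum priv, enum op);

/* Sweep every (register, privilege, operation) and count accesses the
 * decoder grants although the design policy denies them. */
static int count_overgrants(decoder_fn dec) {
    int bad = 0;
    for (size_t i = 0; i < NREGS; i++)
        for (int p = 0; p < PRIV_COUNT; p++)
            for (int o = 0; o < OP_COUNT; o++)
                if (dec(design[i].off, (enum priv)p, (enum op)o) &&
                    !policy_allows(&design[i], (enum priv)p, (enum op)o))
                    bad++;
    return bad;
}
int main(void) {
    printf("weak: %d, fixed: %d\n", count_overgrants(weak_decoder),
           count_overgrants(fixed_decoder));
    return 0;
}
```

The same sweep applies to an RTL simulation or emulator by replacing the decoder function with a bus transaction issued at each privilege level.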