CAPEC-681: Exploitation of Improperly Controlled Hardware Security Identifiers
An adversary takes advantage of missing or incorrectly configured security identifiers (e.g., tokens), which are used for access control within a System-on-Chip (SoC), to read/write data or execute a given action.
Last updated
Overview
A System-on-Chip (SoC) often implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, these mechanisms may be exploitable due to any number of the following: The security identifiers are missing The security identifiers are incorrectly implemented or generated The security identifiers are generated with an obsolete encoding The security identifiers are generated and implemented correctly, but are improperly protected If the security identifiers leveraged by the SoC are missing or misconfigured, an adversary may be able to take advantage of this shortcoming to circumvent the intended access controls. This could result in the adversary gaining unintended access, performing a Denial of Service (DoS), escalating privileges, or spoofing actions from a trusted agent.
What the attacker needs
Prerequisites
- Awareness of the hardware being leveraged.
- Access to the hardware being leveraged.
Skills required
- Medium skill: Ability to execute actions within the SoC.
- High skill: Intricate knowledge of the identifiers being utilized.
Consequences
What a successful CAPEC-681 attack can achieve.
Modify Data
Affects: Integrity
Read Data
Affects: Confidentiality
Gain Privileges
Affects: Confidentiality, Access Control, Authorization