CWE-1193: Power-On of Untrusted Execution Core Before Enabling Fabric Access Control

The product enables components that contain untrusted firmware before memory and fabric access controls have been enabled.

Recorded CVEs

With this primary weakness

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Base

Abstraction

MITRE classification

Overview

After initial reset, System-on-Chip (SoC) fabric access controls and other security features need to be programmed by trusted firmware as part of the boot sequence. If untrusted IPs or peripheral microcontrollers are enabled first, then the untrusted component can master transactions on the hardware bus and target memory or other assets to compromise the SoC boot firmware.

CWE-1193: Power-On of Untrusted Execution Core Before Enabling Fabric Access Control

Overview

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

Attack patterns

Frequently asked questions

What is CWE-1193?

How do you prevent CWE-1193?

What are the consequences of CWE-1193?

References

Stay ahead of CWE-1193

Overview

Common consequences

How it happens

When it is introduced

Applies to

How to prevent it

Related weaknesses

Parent

Attack patterns

Frequently asked questions

What is CWE-1193?

How do you prevent CWE-1193?

What are the consequences of CWE-1193?

References

Stay ahead of CWE-1193