CWE-1315: Improper Setting of Bus Controlling Capability in Fabric End-point
The bus controller enables bits in the fabric end-point to allow responder devices to control transactions on the fabric.
Last updated
Overview
To support reusability, certain fabric interfaces and end points provide a configurable register bit that allows IP blocks connected to the controller to access other peripherals connected to the fabric. This allows the end point to be used with devices that function as a controller or responder. If this bit is set by default in hardware, or if firmware incorrectly sets it later, a device intended to be a responder on a fabric is now capable of controlling transactions to other devices and might compromise system security.
Common consequences
What can happen when CWE-1315 is exploited.
Modify Memory, Read Memory, Bypass Protection Mechanism
Affects: Access Control
How it happens
When it is introduced
Typically introduced during these phases of the software lifecycle.
How to prevent it
Practical mitigations for CWE-1315, grouped by where in the lifecycle they apply.