Improper Scrubbing of Sensitive Data from Decommissioned Device
0
Base
-
The product does not properly provide a capability for the product administrator to remove sensitive data at the time the product is decommissioned. A scrubbing capability could be missing, insufficient, or incorrect.
The product does not provide its
users with the ability to update or patch its
firmware to address any vulnerabilities or
weaknesses that may be present.
The product implements a decoding mechanism to decode certain bus-transaction signals to security identifiers. If the decoding is implemented incorrectly, then untrusted agents can now gain unauthorized access to the asset.
The product implements a conversion mechanism to map certain bus-transaction signals to security identifiers. However, if the conversion is incorrectly implemented, untrusted agents can gain unauthorized access to the asset.
The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented.
Unprotected Confidential Information on Device is Accessible by OSAT Vendors
0
Base
-
The product does not adequately protect confidential information on the device from being accessed by Outsourced Semiconductor Assembly and Test (OSAT) vendors.
Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)
0
Base
-
The product implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. A transaction is sent without a security identifier.
Improper Translation of Security Attributes by Fabric Bridge
0
Base
-
The bridge incorrectly translates security attributes from either trusted to untrusted or from untrusted to trusted when converting from one fabric protocol to another.
The product uses a fabric bridge for transactions between two Intellectual Property (IP) blocks, but the bridge does not properly perform the expected privilege, identity, or other access control checks between those IP blocks.
Missing Support for Security Features in On-chip Fabrics or Buses
0
Base
-
On-chip fabrics or buses either do not support or are not configured to support privilege separation or other security features, such as access control.
DEPRECATED: Sensitive Information Accessible by Physical Probing of JTAG Interface
0
Base
-
This entry has been deprecated because it was at a lower level of abstraction than supported by CWE. All relevant content has been integrated into CWE-319.
Improper Isolation of Shared Resources in Network On Chip (NoC)
0
Base
-
The Network On Chip (NoC) does not isolate or incorrectly isolates its on-chip-fabric and internal resources such that they are shared between trusted and untrusted agents, creating timing channels.
Insufficient Precision or Accuracy of a Real Number
0
Base
-
The product processes a real number with an implementation in which the number's representation does not preserve required accuracy and precision in its fractional part, causing an incorrect result.
Improper Handling of Hardware Behavior in Exceptionally Cold Environments
0
Base
-
A hardware device, or the firmware running on it, is
missing or has incorrect protection features to maintain
goals of security primitives when the device is cooled below
standard operating temperatures.