CWE-1190: DMA Device Enabled Too Early in Boot Phase

Base Draft Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

The product enables a Direct Memory Access (DMA) capable device before the security configuration settings are established, which allows an attacker to extract data from or gain privileges on the product.

常见后果

影响范围: Access Control

技术影响: Bypass Protection Mechanism Modify Memory

说明: DMA devices have direct write access to main memory and due to time of attack will be able to bypass OS or Bootloader access control.

潜在缓解措施

阶段: Architecture and Design

描述: Utilize an IOMMU to orchestrate IO access from the start of the boot process.

引入模式

阶段	说明
Architecture and Design	-

适用平台

编程语言

Not Language-Specific (Undetermined)

技术

System on Chip (Undetermined)

关键信息

CWE ID: CWE-1190

抽象级别: Base

结构: Simple

状态: Draft

CWE-1190: DMA Device Enabled Too Early in Boot Phase

弱点描述

常见后果

潜在缓解措施

引入模式

适用平台

编程语言

技术

关键信息

相关弱点

相关攻击模式

CWE-1190: DMA Device Enabled Too Early in Boot Phase

弱点描述

常见后果

潜在缓解措施

引入模式

适用平台

编程语言

技术

关键信息

相关弱点

ChildOf CWE-696

相关攻击模式