CWE-1244: Internal Asset Exposed to Unsafe Debug Access Level or State
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product uses physical debug or test interfaces with support for multiple access levels, but it assigns the wrong debug access level to an internal asset, providing unintended access to the asset from untrusted debug agents.
常见后果
影响范围: Confidentiality
技术影响: Read Memory
影响范围: Integrity
技术影响: Modify Memory
影响范围: Authorization Access Control
技术影响: Gain Privileges or Assume Identity Bypass Protection Mechanism
潜在缓解措施
阶段: Architecture and Design Implementation
有效性: High
阶段: Architecture and Design
描述: Apply blinding [REF-1219] or masking techniques in strategic areas.
有效性: Limited
阶段: Implementation
描述: Add shielding or tamper-resistant protections to the device, which increases the difficulty and cost for accessing debug/test interfaces.
有效性: Limited
检测方法
方法: Manual Analysis
Check 2 devices for their passcode to authenticate access to JTAG/debugging ports. If the passcodes are missing or the same, update the design to fix and retest. Check communications over JTAG/debugging ports for encryption. If the communications are not encrypted, fix the design and retest.
有效性: Moderate
观察示例
参考: CVE-2019-18827
After ROM code execution, JTAG access is disabled. But before the ROM code is executed, JTAG access is possible, allowing a user full system access. This allows a user to modify the boot flow and successfully bypass the secure-boot process.
引入模式
| 阶段 | 说明 |
|---|---|
| Architecture and Design | - |
| Implementation | - |