CWE-1312: Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

Base Draft Simple

CWE版本: 4.18

更新日期: 2025-09-09

弱点描述

The firewall in an on-chip fabric protects the main addressed region, but it does not protect any mirrored memory or memory-mapped-IO (MMIO) regions.

常见后果

影响范围: Confidentiality Integrity Access Control

技术影响: Modify Memory Read Memory Bypass Protection Mechanism

潜在缓解措施

阶段: Architecture and Design

描述: The fabric firewall should apply the same protections as the original region to the mirrored regions.

阶段: Implementation

描述: The fabric firewall should apply the same protections as the original region to the mirrored regions.

检测方法

方法: Manual Dynamic Analysis

Using an external debugger, send write transactions to mirrored regions to test if original, write-protected regions are modified. Similarly, send read transactions to mirrored regions to test if the original, read-protected signals can be read.

有效性: High

引入模式

阶段	说明
Architecture and Design	-
Implementation	-

适用平台

编程语言

Not Language-Specific (Undetermined)

操作系统

Not OS-Specific (Undetermined)

技术

Not Technology-Specific (Undetermined)

关键信息

CWE ID: CWE-1312

抽象级别: Base

结构: Simple

状态: Draft

CWE-1312: Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

弱点描述

常见后果

潜在缓解措施

检测方法

引入模式

适用平台

编程语言

操作系统

技术

关键信息

相关弱点

相关攻击模式

CWE-1312: Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

弱点描述

常见后果

潜在缓解措施

检测方法

引入模式

适用平台

编程语言

操作系统

技术

关键信息

相关弱点

ChildOf CWE-284

PeerOf CWE-1251

相关攻击模式