This vulnerability occurs when a system powers up hardware components containing untrusted firmware before establishing critical security controls for the system's internal communication pathways and memory.
When a System-on-Chip (SoC) first boots, trusted firmware must be the first to configure the hardware's security settings. These settings, known as fabric access controls, act as gatekeepers for the chip's internal data highways and memory regions. If untrusted components (such as peripheral microcontrollers or third-party IP cores) are powered on before these gatekeepers are in place, they gain unrestricted access to the system's internal bus. From this privileged position, the untrusted firmware can initiate unauthorized transactions: it can read from or write to sensitive memory areas, including those holding the boot firmware itself. This allows it to tamper with the boot process, compromise the trusted firmware, and ultimately take control of the system from the very start of its operation.
Impact: Bypass Protection Mechanism
An untrusted component can master transactions on the HW bus and target memory or other assets to compromise the SoC boot firmware.
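The ordering problem described above, as an added example that is not part of the original page: a small C model of a hypothetical SoC with one trusted boot core, one untrusted peripheral MCU, and a fabric whose reset default is wide open until its access-control table is programmed. The master and region names, the ACL layout, and the "untrusted core immediately writes to boot firmware" behaviour are all constructed for illustration and do not describe any real chip. `boot_vulnerable_order()` releases the untrusted core before the ACL is configured; `boot_hardened_order()` configures the ACL first. Each returns whether the boot firmware image was altered.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical SoC model (constructed for illustration, not any real design). */
enum master { MASTER_TRUSTED_BOOT = 0, MASTER_UNTRUSTED_MCU = 1, MASTER_COUNT };
enum region { REGION_BOOT_FW = 0, REGION_SHARED_RAM = 1, REGION_COUNT };

struct fabric {
    bool acl_configured;                      /* has trusted firmware programmed the ACL yet? */
    bool allow[MASTER_COUNT][REGION_COUNT];   /* per-master, per-region write permission */
};

struct soc {
    struct fabric fabric;
    bool core_powered[MASTER_COUNT];          /* false = core held in reset */
    uint8_t boot_fw[16];                      /* stand-in for the boot firmware image */
};

/* Fabric arbitration. In this model the fabric is open by default until the
 * ACL is programmed, which is exactly the window the weakness depends on. */
bool fabric_write_allowed(const struct fabric *f, enum master m, enum region r) {
    if (!f->acl_configured)
        return true;
    return f->allow[m][r];
}

/* Attempt a bus write; returns true if the fabric let the transaction through. */
bool fabric_write(struct soc *s, enum master m, enum region r, uint8_t value) {
    if (!s->core_powered[m])
        return false;                          /* a core in reset cannot master transactions */
    if (!fabric_write_allowed(&s->fabric, m, r))
        return false;
    if (r == REGION_BOOT_FW)
        s->boot_fw[0] = value;
    return true;
}

/* Trusted firmware's job: lock the fabric down. The untrusted MCU only gets its mailbox RAM. */
void configure_fabric_acl(struct soc *s) {
    memset(s->fabric.allow, 0, sizeof s->fabric.allow);
    s->fabric.allow[MASTER_TRUSTED_BOOT][REGION_BOOT_FW] = true;
    s->fabric.allow[MASTER_TRUSTED_BOOT][REGION_SHARED_RAM] = true;
    s->fabric.allow[MASTER_UNTRUSTED_MCU][REGION_SHARED_RAM] = true;
    s->fabric.acl_configured = true;
}

void power_on_core(struct soc *s, enum master m) { s->core_powered[m] = true; }

/* Constructed behaviour of the untrusted core's firmware: as soon as it runs,
 * it tries to overwrite the boot firmware region. */
bool untrusted_core_runs(struct soc *s) {
    return fabric_write(s, MASTER_UNTRUSTED_MCU, REGION_BOOT_FW, 0xFF);
}

void soc_reset(struct soc *s) {
    memset(s, 0, sizeof *s);
    s->core_powered[MASTER_TRUSTED_BOOT] = true;
    memset(s->boot_fw, 0xAA, sizeof s->boot_fw);   /* constructed "known-good" image */
}

/* Vulnerable order: untrusted core released before the ACL exists.
 * Returns true if the boot firmware image was tampered with. */
bool boot_vulnerable_order(void) {
    struct soc s;
    soc_reset(&s);
    power_on_core(&s, MASTER_UNTRUSTED_MCU);
    untrusted_core_runs(&s);
    configure_fabric_acl(&s);                  /* too late: the write already landed */
    return s.boot_fw[0] != 0xAA;
}

/* Hardened order: ACL programmed first, then the untrusted core is released. */
bool boot_hardened_order(void) {
    struct soc s;
    soc_reset(&s);
    configure_fabric_acl(&s);
    power_on_core(&s, MASTER_UNTRUSTED_MCU);
    untrusted_core_runs(&s);                   /* rejected by the fabric */
    return s.boot_fw[0] != 0xAA;
}

int main(void) {
    printf("vulnerable order tampered: %s\n", boot_vulnerable_order() ? "yes" : "no");
    printf("hardened order tampered:   %s\n", boot_hardened_order() ? "yes" : "no");
    return 0;
}
```

The only difference between the two sequences is the position of `configure_fabric_acl()` relative to `power_on_core()`; when reviewing real boot firmware, that relative order of the ACL-programming step and each untrusted core's reset release is the property to check.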