logo

Internal Asset Exposed to Unsafe Debug Access Level or State

Stable Base
Structure: Simple
Description

This vulnerability occurs when a system's debug or test interface supports multiple access levels, but an internal asset is incorrectly assigned a permissive debug access level. This mistake allows untrusted debug agents to access sensitive internal assets they should not be able to reach.

Extended Description

Modern debug and test interfaces often implement tiered access control, where different internal components become accessible based on the currently authorized debug level or the system's operational state. This authorization isn't just about passwords; it can also depend on the boot stage or system mode. For instance, full debug access might only be permitted immediately after a reset to prevent leakage of data from a previous session. If this protection fails and an internal asset is exposed at an unsafe debug level during a specific state or boot phase, an attacker with debugger access can exploit this to read sensitive information. The core failure is the system's inability to correctly map and enforce the appropriate debug access level for each asset as the system state changes, creating a window of unintended exposure.
Common Consequences 3
Scope: Confidentiality

Impact: Read Memory

Scope: Integrity

Impact: Modify Memory

Scope: AuthorizationAccess Control

Impact: Gain Privileges or Assume IdentityBypass Protection Mechanism
Detection Methods 1
Manual AnalysisModerate
Check 2 devices for their passcode to authenticate access to JTAG/debugging ports. If the passcodes are missing or the same, update the design to fix and retest. Check communications over JTAG/debugging ports for encryption. If the communications are not encrypted, fix the design and retest.
Potential Mitigations 3
Phase: Architecture and DesignImplementation
For security-sensitive assets accessible over debug/test interfaces, only allow trusted agents.

Effectiveness: High

Phase: Architecture and Design
Apply blinding [REF-1219] or masking techniques in strategic areas.

Effectiveness: Limited

Phase: Implementation
Add shielding or tamper-resistant protections to the device, which increases the difficulty and cost for accessing debug/test interfaces.

Effectiveness: Limited
Demonstrative Examples 2
The JTAG interface is used to perform debugging and provide CPU core access for developers. JTAG-access protection is implemented as part of the JTAG_SHIELD bit in the hw_digctl_ctrl register. This register has no default value at power up and is set only after the system boots from ROM and control is transferred to the user software.

Code Example:

Bad
Other

| | | | 1 bit | 0x0 = JTAG debugger is enabled (default) | | JTAG_SHIELD | 0x1 = JTAG debugger is disabled |

This means that since the end user has access to JTAG at system reset and during ROM code execution before control is transferred to user software, a JTAG user can modify the boot flow and subsequently disclose all CPU information, including data-encryption keys.

Code Example:

Informative
bash
The example code below is taken from the CVA6 processor core of the HACK@DAC'21 buggy OpenPiton SoC. Debug access allows users to access internal hardware registers that are otherwise not exposed for user access or restricted access through access control protocols. Hence, requests to enter debug mode are checked and authorized only if the processor has sufficient privileges. In addition, debug accesses are also locked behind password checkers. Thus, the processor enters debug mode only when the privilege level requirement is met, and the correct debug password is provided.
The following code [REF-1377] illustrates an instance of a vulnerable implementation of debug mode. The core correctly checks if the debug requests have sufficient privileges and enables the debug_mode_d and debug_mode_q signals. It also correctly checks for debug password and enables umode_i signal.

Code Example:

Bad
Verilog

module csr_regfile #( ...

verilog

assign priv_lvl_o = (debug_mode_q || umode_i) ? riscv::PRIV_LVL_M : priv_lvl_q;** ...

verilog
However, it grants debug access and changes the privilege level, priv_lvl_o, even when one of the two checks is satisfied and the other is not. Because of this, debug access can be granted by simply requesting with sufficient privileges (i.e., debug_mode_q is enabled) and failing the password check (i.e., umode_i is disabled). This allows an attacker to bypass the debug password checking and gain debug access to the core, compromising the security of the processor.
A fix to this issue is to only change the privilege level of the processor when both checks are satisfied, i.e., the request has enough privileges (i.e., debug_mode_q is enabled) and the password checking is successful (i.e., umode_i is enabled) [REF-1378].

Code Example:

Good
Verilog

module csr_regfile #( ...

verilog

(debug_mode_q && umode_i) ? riscv::PRIV_LVL_M : priv_lvl_q;** ...

verilog
Observed Examples 1
CVE-2019-18827After ROM code execution, JTAG access is disabled. But before the ROM code is executed, JTAG access is possible, allowing a user full system access. This allows a user to modify the boot flow and successfully bypass the secure-boot process.
References 5
Multiple Vulnerabilities in Barco Clickshare: JTAG access is not permanently disabled
F-Secure Labs
https://labs.withsecure.com/advisories/multiple-vulnerabilities-in-barco-clickshare(2025-08-04)
ID: REF-1056
Attacks and Defenses for JTAG
Kurt Rosenfeld and Ramesh Karri
https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5406671
ID: REF-1057
Blindsight: Blinding EM Side-Channel Leakage using Built-In Fully Integrated Inductive Voltage Regulator
Monodeep Kar, Arvind Singh, Santosh Ghosh, Sanu Mathew, Anand Rajan, Vivek De, Raheem Beyah, and Saibal Mukhopadhyay
02-2018
https://arxiv.org/pdf/1802.09096(2025-08-04)
ID: REF-1219
csr_regile.sv line 938
2021
https://github.com/HACK-EVENT/hackatdac19/blob/57e7b2109c1ea2451914878df2e6ca740c2dcf34/src/csr_regfile.sv#L938(2023-12-13)
ID: REF-1377
Fix for csr_regfile.sv line 938
2021
https://github.com/HACK-EVENT/hackatdac19/blob/a7b61209e56c48eec585eeedea8413997ec71e4a/src/csr_regfile.sv#L938C31-L938C56(2023-12-13)
ID: REF-1378
Applicable Platforms
Languages:
Not Language-Specific : Undetermined
Technologies:
System on Chip : Undetermined
Modes of Introduction
Architecture and Design
Implementation
Related Attack Patterns
Related Weaknesses
ChildOf: Incorrect Authorization (CWE-863)
Notes
RelationshipOn-Chip Debug and Test Interface With Improper Access Control and Internal Asset Exposed to Unsafe Debug Access Level or State both involve physical debug access, but the weaknesses are different. On-Chip Debug and Test Interface With Improper Access Control is effectively about missing authorization for a debug interface, i.e. JTAG. Internal Asset Exposed to Unsafe Debug Access Level or State is about providing internal assets with the wrong debug access level, exposing the asset to untrusted debug agents.