This vulnerability occurs when hardware logic contains flawed Finite State Machines (FSMs). Attackers can exploit these design errors to force the system into an undefined or unstable condition, potentially leading to a denial of service (DoS) or allowing privilege escalation.
Finite State Machines are critical for managing a system's security posture and operational flow. They often control access to sensitive data and govern secure operations. If an FSM is poorly designed—for example, by leaving states undefined or incorrectly implementing transitions—an attacker can manipulate it into a deadlock or unrecoverable error state. This typically crashes the affected component or requires a full system reset to restore functionality, resulting in a denial of service. The security impact escalates when FSMs are used to enforce privilege levels or authorization checks. By driving the FSM into an unintended state, an attacker might bypass security gates, gain elevated privileges, or corrupt secure data transfers. This initial compromise can then serve as a foothold to launch further attacks, ultimately undermining the hardware's intended security guarantees.
Impact: Unexpected State; DoS: Crash, Exit, or Restart; DoS: Instability; Gain Privileges or Assume Identity
Effectiveness: High
```verilog
// Unmatched case values fall back to state 0
default: state = 2'h0;
endcase
```
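The `default` arm above is the core of the fix. The following added example (not from the original page; module, signal and state names are hypothetical) pairs an FSM that has an undefined state encoding and a partial output decode with a hardened version that fails closed:

```verilog
// Added example: module and signal names are hypothetical, not from the page.
// state is 2 bits wide (four encodings) but only three states are defined.
module unlock_fsm_weak (input wire clk, rst_n, auth_ok, lock_req,
                        output wire privileged);
    localparam LOCKED = 2'b00, CHECK = 2'b01, OPEN = 2'b10; // 2'b11 undefined
    reg [1:0] state;

    // Weak decode: tests one bit, so undefined 2'b11 also asserts privileged.
    assign privileged = state[1];

    always @(posedge clk or negedge rst_n) begin
        if (!rst_n)
            state <= LOCKED;
        else
            case (state)
                LOCKED: if (auth_ok)  state <= CHECK;
                CHECK:  state <= auth_ok ? OPEN : LOCKED;
                OPEN:   if (lock_req) state <= LOCKED;
                // No default arm: once state holds 2'b11 nothing matches,
                // so the FSM stays there until a full reset.
            endcase
    end
endmodule

// Hardened form: same interface and legal transitions.
module unlock_fsm_hardened (input wire clk, rst_n, auth_ok, lock_req,
                            output wire privileged);
    localparam LOCKED = 2'b00, CHECK = 2'b01, OPEN = 2'b10;
    reg [1:0] state;

    // Full-width compare: only the exact OPEN encoding grants access.
    assign privileged = (state == OPEN);

    always @(posedge clk or negedge rst_n) begin
        if (!rst_n)
            state <= LOCKED;
        else
            case (state)
                LOCKED:  if (auth_ok)  state <= CHECK;
                CHECK:   state <= auth_ok ? OPEN : LOCKED;
                OPEN:    if (lock_req) state <= LOCKED;
                default: state <= LOCKED; // undefined encodings fail closed
            endcase
    end
endmodule
```

Synthesis tools may prune a `default` arm they consider unreachable, so confirm in the synthesized netlist that the recovery transition is still present.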