Run static analysis (SAST) on the codebase looking for the unsafe pattern in the data flow.
CWE-1302 Base Incomplete
Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)
This vulnerability occurs when a System-On-Chip (SoC) component sends a transaction without its required security identifier. The destination hardware cannot properly verify permissions, leading to…
Definition
What is CWE-1302?
This vulnerability occurs when a System-On-Chip (SoC) component sends a transaction without its required security identifier. The destination hardware cannot properly verify permissions, leading to unintended access or system failure.
In a System-On-Chip, hardware agents like processors or accelerators constantly send transactions to access resources or trigger actions. Each transaction should carry a security identifier (like a digital keycard) that tells the receiving agent the sender's privilege level. Without this identifier, the receiving agent has no way to correctly enforce security policies for that specific request.
This missing identifier forces the destination into a guesswork scenario. It may either reject the transaction entirely—causing a functional denial-of-service—or default to allowing it, which can lead to privilege escalation or unauthorized access to protected assets. The core issue is inconsistent tagging of transactions at their source, undermining the chip's entire internal security model.
Real-world impact
Real-world CVEs caused by CWE-1302
No public CVE references are linked to this CWE in MITRE's catalog yet.
How attackers exploit it
Step-by-step attacker path
- 1
Consider a system with a register for storing AES key for encryption or decryption. The key is of 128 bits implemented as a set of four 32-bit registers. The key registers are assets, and the register AES_KEY_ACCESS_POLICY is defined to provide the necessary access controls. The access-policy register defines which agents with a security identifier in the transaction can access the AES-key registers. Each bit in this 32-bit register defines a security identifier. There could be a maximum of 32 security identifiers that are allowed accesses to the AES-key registers. The number of the bit when set (i.e., "1") allows for a respective action from an agent whose identity matches the number of the bit; if set to "0" (i.e., Clear), it disallows the respective action to that corresponding agent.
- 2
The originator sends a transaction with no security identifier, i.e., meaning the value is "0" or NULL. The AES-Key-access register does not allow the necessary action and drops the transaction because the originator failed to include the required security identifier.
- 3
The originator should send a transaction with Security Identifier "2" which will allow access to the AES-Key-access register and allow encryption and decryption operations.
Vulnerable code example
Vulnerable code
Consider a system with a register for storing AES key for encryption or decryption. The key is of 128 bits implemented as a set of four 32-bit registers. The key registers are assets, and the register AES_KEY_ACCESS_POLICY is defined to provide the necessary access controls. The access-policy register defines which agents with a security identifier in the transaction can access the AES-key registers. Each bit in this 32-bit register defines a security identifier. There could be a maximum of 32 security identifiers that are allowed accesses to the AES-key registers. The number of the bit when set (i.e., "1") allows for a respective action from an agent whose identity matches the number of the bit; if set to "0" (i.e., Clear), it disallows the respective action to that corresponding agent.
| Register | Field description |
| --- | --- |
| AES_ENC_DEC_KEY_0 | AES key [0:31] for encryption or decryption, Default 0x00000000 |
| AES_ENC_DEC_KEY_1 | AES key [32:63] for encryption or decryption, Default 0x00000000 |
| AES_ENC_DEC_KEY_2 | AES key [64:95] for encryption or decryption, Default 0x00000000 |
| AES_ENC_DEC_KEY_4 | AES key [96:127] for encryption or decryption, Default 0x00000000 |
| AES_KEY_ACCESS_POLICY | [31:0] Default 0x00000004 - agent with Security Identifier "2" has access to AES_ENC_DEC_KEY_0 through AES_ENC_DEC_KEY_4 registers | Secure code example
Secure code
The originator sends a transaction with no security identifier, i.e., meaning the value is "0" or NULL. The AES-Key-access register does not allow the necessary action and drops the transaction because the originator failed to include the required security identifier.
| Register | Field description |
| --- | --- |
| AES_ENC_DEC_KEY_0 | AES key [0:31] for encryption or decryption, Default 0x00000000 |
| AES_ENC_DEC_KEY_1 | AES key [32:63] for encryption or decryption, Default 0x00000000 |
| AES_ENC_DEC_KEY_2 | AES key [64:95] for encryption or decryption, Default 0x00000000 |
| AES_ENC_DEC_KEY_4 | AES key [96:127] for encryption or decryption, Default 0x00000000 |
| AES_KEY_ACCESS_POLICY | [31:0] Default 0x00000002 - agent with security identifier "2" has access to AES_ENC_DEC_KEY_0 through AES_ENC_DEC_KEY_4 registers | What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Prevention checklist
How to prevent CWE-1302
- Architecture and Design Transaction details must be reviewed for design inconsistency and common weaknesses.
- Implementation Security identifier definition and programming flow must be tested in pre-silicon and post-silicon testing.
Detection signals
How to detect CWE-1302
Run dynamic application security testing against the live endpoint.
Watch runtime logs for unusual exception traces, malformed input, or authorization bypass attempts.
Code review: flag any new code that handles input from this surface without using the validated framework helpers.
Plexicus auto-detects CWE-1302 and opens a fix PR in under 60 seconds.
Codex Remedium scans every commit, identifies this exact weakness, and ships a reviewer-ready pull request with the patch. No tickets. No hand-offs.
Frequently asked questions What is CWE-1302?
How serious is CWE-1302?
What languages or platforms are affected by CWE-1302?
How can I prevent CWE-1302?
How does Plexicus detect and fix CWE-1302?
Where can I learn more about CWE-1302?
Frequently asked questions
What is CWE-1302?
This vulnerability occurs when a System-On-Chip (SoC) component sends a transaction without its required security identifier. The destination hardware cannot properly verify permissions, leading to unintended access or system failure.
How serious is CWE-1302?
MITRE has not published a likelihood-of-exploit rating for this weakness. Treat it as medium-impact until your threat model proves otherwise.
What languages or platforms are affected by CWE-1302?
MITRE lists the following affected platforms: Not OS-Specific, Not Architecture-Specific, Not Technology-Specific.
How can I prevent CWE-1302?
Transaction details must be reviewed for design inconsistency and common weaknesses. Security identifier definition and programming flow must be tested in pre-silicon and post-silicon testing.
How does Plexicus detect and fix CWE-1302?
Plexicus's SAST engine matches the data-flow signature for CWE-1302 on every commit. When a match is found, our Codex Remedium agent opens a fix PR with the corrected code, tests, and a one-line summary for the reviewer.
Where can I learn more about CWE-1302?
MITRE publishes the canonical definition at https://cwe.mitre.org/data/definitions/1302.html. You can also reference OWASP and NIST documentation for adjacent guidance.
Related weaknesses
Weaknesses related to CWE-1302
CWE-1294 Parent
Insecure Security Identifier Mechanism
This vulnerability occurs when a System-on-Chip (SoC) implements a Security Identifier mechanism to control transaction permissions, but…
CWE-1259 Sibling
Improper Restriction of Security Token Assignment
This vulnerability occurs when a System-on-a-Chip (SoC) fails to properly secure its Security Token mechanism. These tokens control which…
CWE-1270 Sibling
Generation of Incorrect Security Tokens
This vulnerability occurs when a system's security token mechanism, designed to control permissions for different entities or agents,…
CWE-1290 Sibling
Incorrect Decoding of Security Identifiers
This vulnerability occurs when a hardware decoder incorrectly interprets security identifiers in bus transactions, allowing untrusted…
CWE-1292 Sibling
Incorrect Conversion of Security Identifiers
This vulnerability occurs when a hardware system incorrectly translates security identifiers during bus protocol conversion. An improper…
Resources
Further reading
Ready when you are
Stop paying per developer.
Start closing the loop.
Plexicus is the AI-native ASPM that scans, filters, fixes, pentests, and explains — autonomously. Unlimited developers, unlimited repos, fair-use AI actions. Real free tier, €269/mo annual when you're ready.