CWE-1302 Base Incompleto

Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC)

This vulnerability occurs when a System-On-Chip (SoC) component sends a transaction without its required security identifier. The destination hardware cannot properly verify permissions, leading to…

Definição

What is CWE-1302?

This vulnerability occurs when a System-On-Chip (SoC) component sends a transaction without its required security identifier. The destination hardware cannot properly verify permissions, leading to unintended access or system failure.
In a System-On-Chip, hardware agents like processors or accelerators constantly send transactions to access resources or trigger actions. Each transaction should carry a security identifier (like a digital keycard) that tells the receiving agent the sender's privilege level. Without this identifier, the receiving agent has no way to correctly enforce security policies for that specific request. This missing identifier forces the destination into a guesswork scenario. It may either reject the transaction entirely—causing a functional denial-of-service—or default to allowing it, which can lead to privilege escalation or unauthorized access to protected assets. The core issue is inconsistent tagging of transactions at their source, undermining the chip's entire internal security model.
Impacto no mundo real

Real-world CVEs caused by CWE-1302

Ainda não há referências CVE públicas associadas a este CWE no catálogo da MITRE.

Como os atacantes a exploram

Trajeto do atacante passo a passo

  1. 1

    Consider a system with a register for storing AES key for encryption or decryption. The key is of 128 bits implemented as a set of four 32-bit registers. The key registers are assets, and the register AES_KEY_ACCESS_POLICY is defined to provide the necessary access controls. The access-policy register defines which agents with a security identifier in the transaction can access the AES-key registers. Each bit in this 32-bit register defines a security identifier. There could be a maximum of 32 security identifiers that are allowed accesses to the AES-key registers. The number of the bit when set (i.e., "1") allows for a respective action from an agent whose identity matches the number of the bit; if set to "0" (i.e., Clear), it disallows the respective action to that corresponding agent.

  2. 2

    The originator sends a transaction with no security identifier, i.e., meaning the value is "0" or NULL. The AES-Key-access register does not allow the necessary action and drops the transaction because the originator failed to include the required security identifier.

  3. 3

    The originator should send a transaction with Security Identifier "2" which will allow access to the AES-Key-access register and allow encryption and decryption operations.

Exemplo de código vulnerável

Vulnerable code

Consider a system with a register for storing AES key for encryption or decryption. The key is of 128 bits implemented as a set of four 32-bit registers. The key registers are assets, and the register AES_KEY_ACCESS_POLICY is defined to provide the necessary access controls. The access-policy register defines which agents with a security identifier in the transaction can access the AES-key registers. Each bit in this 32-bit register defines a security identifier. There could be a maximum of 32 security identifiers that are allowed accesses to the AES-key registers. The number of the bit when set (i.e., "1") allows for a respective action from an agent whose identity matches the number of the bit; if set to "0" (i.e., Clear), it disallows the respective action to that corresponding agent.

Vulnerável 
| Register | Field description | 
| --- | --- |
| AES_ENC_DEC_KEY_0 | AES key [0:31] for encryption or decryption, Default 0x00000000  |
| AES_ENC_DEC_KEY_1 | AES key [32:63] for encryption or decryption, Default 0x00000000  |
| AES_ENC_DEC_KEY_2 | AES key [64:95] for encryption or decryption, Default 0x00000000  |
| AES_ENC_DEC_KEY_4 | AES key [96:127] for encryption or decryption, Default 0x00000000  |
| AES_KEY_ACCESS_POLICY | [31:0] Default 0x00000004 - agent with Security Identifier "2" has access to AES_ENC_DEC_KEY_0 through AES_ENC_DEC_KEY_4 registers  |
Exemplo de código seguro

Secure code

The originator sends a transaction with no security identifier, i.e., meaning the value is "0" or NULL. The AES-Key-access register does not allow the necessary action and drops the transaction because the originator failed to include the required security identifier.

Seguro 
| Register | Field description | 
| --- | --- |
| AES_ENC_DEC_KEY_0 | AES key [0:31] for encryption or decryption, Default 0x00000000  |
| AES_ENC_DEC_KEY_1 | AES key [32:63] for encryption or decryption, Default 0x00000000  |
| AES_ENC_DEC_KEY_2 | AES key [64:95] for encryption or decryption, Default 0x00000000  |
| AES_ENC_DEC_KEY_4 | AES key [96:127] for encryption or decryption, Default 0x00000000  |
| AES_KEY_ACCESS_POLICY | [31:0] Default 0x00000002 - agent with security identifier "2" has access to AES_ENC_DEC_KEY_0 through AES_ENC_DEC_KEY_4 registers  |
What changed: the unsafe sink is replaced (or the input is validated/escaped) so the same payload no longer triggers the weakness.
Lista de verificação de prevenção

How to prevent CWE-1302

  • Architecture and Design Transaction details must be reviewed for design inconsistency and common weaknesses.
  • Implementation Security identifier definition and programming flow must be tested in pre-silicon and post-silicon testing.
Sinais de deteção

How to detect CWE-1302

SAST High

Executar análise estática (SAST) na base de código à procura do padrão inseguro no fluxo de dados.

DAST Moderate

Executar testes dinâmicos de segurança de aplicações (DAST) contra o endpoint em execução.

Runtime Moderate

Monitorizar os registos em tempo de execução para traços de exceção invulgares, input malformado ou tentativas de contornar a autorização.

Code review Moderate

Revisão de código: sinalizar qualquer novo código que trate input desta superfície sem usar os ajudantes validados do framework.

Correção automática do Plexicus

O Plexicus deteta automaticamente o CWE-1302 e abre um PR de correção em menos de 60 segundos.

O Codex Remedium analisa cada commit, identifica esta fraqueza exata e entrega um pull request pronto para revisão com o patch. Sem tickets. Sem transferências.

Obter uma demonstração Experimente o Plexicus gratuitamente
Perguntas frequentes

Frequently asked questions

O que é o CWE-1302?

This vulnerability occurs when a System-On-Chip (SoC) component sends a transaction without its required security identifier. The destination hardware cannot properly verify permissions, leading to unintended access or system failure.

Qual a gravidade do CWE-1302?

A MITRE não publicou uma classificação de probabilidade de exploração para esta fraqueza. Trate-a como impacto médio até o seu modelo de ameaças provar o contrário.

Que linguagens ou plataformas são afetadas pelo CWE-1302?

MITRE lists the following affected platforms: Not OS-Specific, Not Architecture-Specific, Not Technology-Specific.

Como posso prevenir o CWE-1302?

Transaction details must be reviewed for design inconsistency and common weaknesses. Security identifier definition and programming flow must be tested in pre-silicon and post-silicon testing.

Como é que o Plexicus deteta e corrige o CWE-1302?

O motor SAST do Plexicus correlaciona a assinatura de fluxo de dados do CWE-1302 em cada commit. Quando é encontrada uma correspondência, o nosso agente Codex Remedium abre um PR de correção com o código corrigido, testes e um resumo de uma linha para o revisor.

Onde posso saber mais sobre o CWE-1302?

A MITRE publica a definição canónica em https://cwe.mitre.org/data/definitions/1302.html. Pode também consultar a documentação da OWASP e do NIST para orientações adjacentes.

Fraquezas relacionadas

Weaknesses related to CWE-1302

CWE-1294 Pai

Insecure Security Identifier Mechanism

This vulnerability occurs when a System-on-Chip (SoC) implements a Security Identifier mechanism to control transaction permissions, but…

CWE-1259 Irmão

Improper Restriction of Security Token Assignment

This vulnerability occurs when a System-on-a-Chip (SoC) fails to properly secure its Security Token mechanism. These tokens control which…

CWE-1270 Irmão

Generation of Incorrect Security Tokens

This vulnerability occurs when a system's security token mechanism, designed to control permissions for different entities or agents,…

CWE-1290 Irmão

Incorrect Decoding of Security Identifiers

This vulnerability occurs when a hardware decoder incorrectly interprets security identifiers in bus transactions, allowing untrusted…

CWE-1292 Irmão

Incorrect Conversion of Security Identifiers

This vulnerability occurs when a hardware system incorrectly translates security identifiers during bus protocol conversion. An improper…

Recursos

Further reading

Pronto quando você estiver

Pare de pagar por desenvolvedor.
Comece a fechar o ciclo.

O Plexicus é o ASPM nativo de IA que verifica, filtra, corrige, pentesta e explica — de forma autónoma. Programadores ilimitados, repos ilimitados, ações de IA de utilização justa. Nível gratuito real, €269/mo anual quando estiver pronto.

Começar grátis Reservar uma demo