CWE-1316: Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges
low-riskThe address map of the on-chip fabric has protected and unprotected regions overlapping, allowing an attacker to bypass access control to the overlapping portion of the protected region.
Abstraction: Base
Common Consequences
Confidentiality
→
Bypass Protection Mechanism
Detection Methods
Automated Dynamic Analysis
Review address map in specification to see if there are any overlapping ranges.
Manual Static Analysis
Negative testing of access control on overlapped ranges.
Real-World Examples (1)
| CVE | CVSS | EPSS | KEV |
|---|---|---|---|
| CVE-2019-25655 | 6.2 | 0.0% | — |
0
/ 100
low-risk
Active Threat
0/50 · Minimal
Exploit Availability
0/50 · Minimal