CWE-1317: Improper Access Control in Fabric Bridge

BaseDraft

The product uses a fabric bridge for transactions between two Intellectual Property (IP) blocks, but the bridge does not properly perform the expected privilege, identity, or other access control checks between those IP blocks.

View on MITRE
Back to CWE Lookup

Extended Description

In hardware designs, different IP blocks are connected through interconnect-bus fabrics (e.g. AHB and OCP). Within a System on Chip (SoC), the IP block subsystems could be using different bus protocols. In such a case, the IP blocks are then linked to the central bus (and to other IP blocks) through a fabric bridge. Bridges are used as bus-interconnect-routing modules that link different protocols or separate, different segments of the overall SoC interconnect. For overall system security, it is important that the access-control privileges associated with any fabric transaction are consistently maintained and applied, even when they are routed or translated by a fabric bridge. A bridge that is connected to a fabric without security features forwards transactions to the slave without checking the privilege level of the master and results in a weakness in SoC access-control security. The same weakness occurs if a bridge does not check the hardware identity of the transaction received from the slave interface of the bridge.

Technical Details

Structure
Simple

Applicable To

Languages
Not Language-Specific
Platforms
Not OS-Specific

Frequently Asked Questions

What is CWE-1317: Improper Access Control in Fabric Bridge?+

CWE-1317: Improper Access Control in Fabric Bridge is a Common Weakness Enumeration (CWE) entry maintained by MITRE. The product uses a fabric bridge for transactions between two Intellectual Property (IP) blocks, but the bridge does not properly perform the expected privilege, identity, or other access control checks between those IP blocks. In hardware designs, different IP blocks are connected through interconnect-bus fabrics (e.g. AHB and OCP). Within a System on Chip (SoC), the IP block subsystems could be using different bus protocols. In such a case, the IP blocks are then linked to the central bus (and to other IP blocks) through a fabric bridge. Bridges are used as bus-interconnect-routing modules that link different protocols or separate, different segments of the overall SoC interconnect. For overall system security, it is important that the access-control privileges associated with any fabric transaction are consistently maintained and applied, even when they are routed or translated by a fabric bridge. A bridge that is connected to a fabric without security features forwards transactions to the slave without checking the privilege level of the master and results in a weakness in SoC access-control security. The same weakness occurs if a bridge does not check the hardware identity of the transaction received from the slave interface of the bridge.

What are the security consequences of Improper Access Control in Fabric Bridge?+

If exploited, CWE-1317 (Improper Access Control in Fabric Bridge) it can compromise Confidentiality, Integrity, Access Control and Availability, leading to outcomes such as DoS: Crash, Exit, or Restart, Bypass Protection Mechanism, Read Memory and Modify Memory.

How do you prevent or mitigate Improper Access Control in Fabric Bridge?+

Recommended mitigations for CWE-1317 include: Ensure that the design includes provisions for access-control checks in the bridge for both upstream and downstream transactions. Implement access-control checks in the bridge for both upstream and downstream transactions.

How is Improper Access Control in Fabric Bridge detected?+

CWE-1317 can be detected using Simulation / Emulation and Formal Verification. Combining automated tooling with manual review typically yields the best coverage.

Which programming languages are affected by Improper Access Control in Fabric Bridge?+

CWE-1317 commonly affects Not Language-Specific. Note that weaknesses are often language-agnostic patterns, so secure coding practices apply broadly.

What are real-world examples of Improper Access Control in Fabric Bridge?+

MITRE documents real CVEs mapped to CWE-1317, including CVE-2019-6260. You can look up the full details of each CVE, including CVSS scores and remediation guidance, on our CVE Lookup tool.

What is the difference between a CWE and a CVE?+

A CWE (Common Weakness Enumeration) like CWE-1317 describes a category of software weakness — the underlying flaw type. A CVE (Common Vulnerabilities and Exposures) identifies a specific, real-world vulnerability in a particular product. In short, a CWE is the kind of mistake, and a CVE is an instance of that mistake being found in software.

Learn More