LiveActive security incident?Get immediate response
CWE Reference

CWE-1312: Missing Protection for Mirrored Regions in… | Glexia

CWE-1312 (Missing Protection for Mirrored Regions in On-Chip Fabric Firewall) weakness overview with consequences, detection methods, mitigations, related CVEs and…

Release 4.20weaknessDraft

Glexia's Take · Automated analysis

CWE-1312: Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

Missing Protection for Mirrored Regions in On-Chip Fabric Firewall represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.

Executive Impact

  • Confidentiality,Integrity,Access Control: Modify Memory,Read Memory,Bypass Protection Mechanism

Developer Pattern

CWE-1312 is the kind of defect developers can usually prevent with explicit validation, safer framework defaults, and tests that exercise hostile input or unsafe state transitions.

Automation confidence

high confidence from CWE-1312, 4.20.

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Official CWE Definition

CWE-1312: Missing Protection for Mirrored Regions in On-Chip Fabric Firewall

The firewall in an on-chip fabric protects the main addressed region, but it does not protect any mirrored memory or memory-mapped-IO (MMIO) regions.

Type
weakness
Abstraction
Base
Status
Draft
Source
MITRE CWE definition

Developer And Remediation Guidance

How teams prevent and detect this weakness

Causes

  • A memory-controller IP block is connected to the on-chip fabric in a System on Chip (SoC). The memory controller is configured to divide the memory into four parts: one original and three mirrored regions inside the memory. The upper two bits of the address indicate which region is being addressed. 00 indicates the original region and 01, 10, and 11 are used to address the mirrored regions. All four regions operate in a lock-step manner and are always synchronized. The firewall in the on-chip fabric is programmed to protect the assets in the memory. The firewall only protects the original range but not the mirrored regions.,The attacker (as an unprivileged user) sends a write transaction to the mirrored region. The mirrored region has an address with the upper two bits set to "10" and the remaining bits of the address pointing to an asset. The firewall does not block this write transaction. Once the write is successful, contents in the protected-memory region are also updated. Thus, the attacker can bypass existing, memory protections.,Firewall should protect mirrored regions.

Remediation

  • Architecture and Design: The fabric firewall should apply the same protections as the original region to the mirrored regions.
  • Implementation: The fabric firewall should apply the same protections as the original region to the mirrored regions.

Detection

  • Manual Dynamic Analysis: Using an external debugger, send write transactions to mirrored regions to test if original, write-protected regions are modified. Similarly, send read transactions to mirrored regions to test if the original, read-protected signals can be read.

Mappings

Related CVEs, CWEs, and ATT&CK context

Related CWEs

Related CVEs

Related CVE mappings appear after CVE records are cross-indexed.

Open CWE CVE mapping

ATT&CK Relevance

ATT&CK relevance is shown only when reviewed or responsibly inferred.