CWE-1252
00h00 +00:00
00h00 +00:00
Name: CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations
CWE Description
CPUs provide a special bit that supports exclusivity of write and execute operations. This bit is used to segregate areas of memory to either mark them as code (instructions, which can be executed) or data (which should not be executed). In this way, if a user can write to a region of memory, the user cannot execute from that region and vice versa. This exclusivity provided by special hardware bit is leveraged by the operating system to protect executable space. While this bit is available in most modern processors by default, in some CPUs the exclusivity is implemented via a memory-protection unit (MPU) and memory-management unit (MMU) in which memory regions can be carved out with exact read, write, and execute permissions. However, if the CPU does not have an MMU/MPU, then there is no write exclusivity. Without configuring exclusivity of operations via segregated areas of memory, an attacker may be able to inject malicious code onto memory and later execute it.
General Informations
Modes Of Introduction
Architecture and DesignApplicable Platforms
Language
Class: Not Language-Specific (Undetermined)Operating Systems
Class: Not OS-Specific (Undetermined)Architectures
Class: Not Architecture-Specific (Undetermined)Technologies
Name: Microcontroller Hardware (Undetermined)Name: Processor Hardware (Undetermined)
Common Consequences
| Scope | Impact | Likelihood |
|---|---|---|
| Confidentiality Integrity | Execute Unauthorized Code or Commands |
Potential Mitigations
Phases : Architecture and DesignImplement a dedicated bit that can be leveraged by the Operating System to mark data areas as non-executable. If such a bit is not available in the CPU, implement MMU/MPU (memory management unit / memory protection unit).
Phases : Integration
If MMU/MPU are not available, then the firewalls need to be implemented in the SoC interconnect to mimic the write-exclusivity operation.
Vulnerability Mapping Notes
Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Related Attack Patterns
| CAPEC-ID | Attack Pattern Name |
|---|---|
| CAPEC-679 | Exploitation of Improperly Configured or Implemented Memory Protections An adversary takes advantage of missing or incorrectly configured access control within memory to read/write data or inject malicious code into said memory. |
References
REF-1076
Cortex-R4 ManualARM.
https://developer.arm.com/Processors/Cortex-M4
REF-1077
MCS 51 Microcontroller Family User's ManualIntel.
http://web.mit.edu/6.115/www/document/8051.pdf
REF-1078
Memory Protection Unit (MPU)ARM.
https://web.archive.org/web/20200630034848/https://static.docs.arm.com/100699/0100/armv8m_architecture_memory_protection_unit_100699_0100_00_en.pdf
Submission
| Name | Organization | Date | Date release | Version |
|---|---|---|---|---|
| Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi | Intel Corporation | 4.0 |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Applicable_Platforms | |
| CWE Content Team | MITRE | updated References, Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes |
