CWE-1257
Improper Access Control Applied to Mirrored or Aliased Memory Regions
Incomplete
2020-02-24
00h00 +00:00
00h00 +00:00
2025-12-11
00h00 +00:00
00h00 +00:00
Notifications for a CWE
Stay informed of any changes for a specific CWE.
Name: Improper Access Control Applied to Mirrored or Aliased Memory Regions
Aliased or mirrored memory regions in hardware designs may have inconsistent read/write permissions enforced by the hardware. A possible result is that an untrusted agent is blocked from accessing a memory region but is not blocked from accessing the corresponding aliased memory region.
General Informations
Modes Of Introduction
Architecture and DesignImplementation
Applicable Platforms
Language
Class: Not Language-Specific (Undetermined)Operating Systems
Class: Not OS-Specific (Undetermined)Architectures
Class: Not Architecture-Specific (Undetermined)Technologies
Name: Memory Hardware (Undetermined)Name: Processor Hardware (Undetermined)
Name: Microcontroller Hardware (Undetermined)
Name: Network on Chip Hardware (Undetermined)
Class: System on Chip (Undetermined)
Common Consequences
| Scope | Impact | Likelihood |
|---|---|---|
| Confidentiality | Read Memory | High |
| Integrity | Modify Memory | High |
| Availability | DoS: Instability | High |
Potential Mitigations
Phases : Architecture and Design // ImplementationThe checks should be applied for consistency access rights between primary memory regions and any mirrored or aliased memory regions. If different memory protection units (MPU) are protecting the aliased regions, their protected range definitions and policies should be synchronized.
Phases : Architecture and Design // Implementation
The controls that allow enabling memory aliases or changing the size of mapped memory regions should only be programmable by trusted software components.
Vulnerability Mapping Notes
Justification : This CWE entry is at the Base level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Related Attack Patterns
| CAPEC-ID | Attack Pattern Name |
|---|---|
| CAPEC-456 | Infected Memory
An adversary inserts malicious logic into memory enabling them to achieve a negative impact. This logic is often hidden from the user of the system and works behind the scenes to achieve negative impacts. This pattern of attack focuses on systems already fielded and used in operation as opposed to systems that are still under development and part of the supply chain. |
| CAPEC-679 | Exploitation of Improperly Configured or Implemented Memory Protections
|
Submission
| Name | Organization | Date | Date release | Version |
|---|---|---|---|---|
| Arun Kanuparthi, Hareesh Khattri, Parbati Kumar Manna, Narasimha Kumar V Mangipudi | Intel Corporation | 4.1 |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CWE Content Team | MITRE | updated Demonstrative_Examples, Description, Modes_of_Introduction, Potential_Mitigations, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Potential_Mitigations | |
| CWE Content Team | MITRE | updated Applicable_Platforms, Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Applicable_Platforms | |
| CWE Content Team | MITRE | updated Demonstrative_Examples | |
| CWE Content Team | MITRE | updated Related_Attack_Patterns | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Mapping_Notes | |
| CWE Content Team | MITRE | updated Weakness_Ordinalities |
