Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-1220 — Vulnerability Class 68

68 vulnerabilities classified as CWE-1220. AI Chinese analysis included.

CWE-1220 represents a critical access control weakness where security policies are implemented with insufficient granularity, resulting in overly broad permissions that fail to restrict unauthorized access to sensitive assets. This vulnerability typically arises when developers apply coarse-grained controls, such as granting read or write access to entire directories or device groups rather than specific files or components. Attackers exploit this by leveraging legitimate but excessive privileges to access or modify security-sensitive data that should remain isolated. In integrated circuits, this might manifest as allowing a low-privilege processor core to access high-security memory regions intended for cryptographic keys. To mitigate this risk, developers must adopt the principle of least privilege, ensuring that access rights are assigned at the most specific level necessary for functionality. Rigorous code reviews and automated static analysis tools can help identify overly permissive configurations before deployment, thereby enforcing strict boundaries between trusted and untrusted agents within the system architecture.

MITRE CWE Description
The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, implemented access controls lack required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets. Integrated circuits and hardware engines can expose accesses to assets (device configuration, keys, etc.) to trusted firmware or a software module (commonly set by BIOS/bootloader). This access is typically access-controlled. Upon a power reset, the hardware or system usually starts with default values in registers, and the trusted firmware (Boot firmware) configures the necessary access-control protection. A common weakness that can exist in such protection schemes is that access controls or policies are not granular enough. This condition allows agents beyond trusted agents to access assets and could lead to a loss of functionality or the ability to set up the device securely. This further results in security risks from leaked, sensitive, key material to modification of device configuration.
Common Consequences (1)
Confidentiality, Integrity, Availability, Access ControlModify Memory, Read Memory, Execute Unauthorized Code or Commands, Gain Privileges or Assume Identity, Bypass Protection Mechanism, Other
Mitigations (1)
Architecture and Design, Implementation, TestingAccess-control-policy protections must be reviewed for design inconsistency and common weaknesses. Access-control-policy definition and programming flow must be tested in pre-silicon, post-silicon testing.
Effectiveness: High
Examples (2)
Consider a system with a register for storing AES key for encryption or decryption. The key is 128 bits, implemented as a set of four 32-bit registers. The key registers are assets and registers, AES_KEY_READ_POLICY and AES_KEY_WRITE_POLICY, and are defined to provide necessary access controls. The read-policy register defines which agents can read the AES-key registers, and write-policy register …
Register Field description AES_ENC_DEC_KEY_0 AES key [0:31] for encryption or decryption Default 0x00000000 AES_ENC_DEC_KEY_1 AES key [32:63] for encryption or decryption Default 0x00000000 AES_ENC_DEC_KEY_2 AES key [64:95] for encryption or decryption Default 0x00000000 AES_ENC_DEC_KEY_4 AES key [96:127] for encryption or decryption Default 0x00000000 AES_KEY_READ_WRITE_POLICY [31:0] Default 0x00000006 - meaning agent with identities "1" and "2" can both read from and write to key registers
Bad · Other
AES_KEY_READ_POLICY [31:0] Default 0x00000002 - meaning only Crypto engine with identity "1" can read registers: AES_ENC_DEC_KEY_0, AES_ENC_DEC_KEY_1, AES_ENC_DEC_KEY_2, AES_ENC_DEC_KEY_3 AES_KEY_WRITE_POLICY [31:0] Default 0x00000004 - meaning only trusted firmware with identity "2" can program registers: AES_ENC_DEC_KEY_0, AES_ENC_DEC_KEY_1, AES_ENC_DEC_KEY_2, AES_ENC_DEC_KEY_3
Good · Other
Within the AXI node interface wrapper module in the RISC-V AXI module of the HACK@DAC'19 CVA6 SoC [REF-1346], an access control mechanism is employed to regulate the access of different privileged users to peripherals.
... for (i=0; i<NB_SUBORDINATE; i++) begin for (j=0; j<NB_MANAGER; j++) begin assign connectivity_map_o[i][j] = access_ctrl_i[i][j][priv_lvl_i] || ((j==6) && access_ctrl_i[i][7][priv_lvl_i]); end end ...
Bad · Verilog
... for (i=0; i<NB_SUBORDINATE; i++) begin for (j=0; j<NB_MANAGER; j++) begin assign connectivity_map_o[i][j] = access_ctrl_i[i][j][priv_lvl_i]; end end ...
Good · Verilog
CVE IDTitleCVSSSeverityPublished
CVE-2023-0203 NVIDIA ConnectX 安全漏洞 — NVIDIA ConnectX Firmware 5.0 Medium2023-04-22
CVE-2023-27591 Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics — v2 7.5 High2023-03-17
CVE-2022-4813 Insufficient Granularity of Access Control in usememos/memos — usememos/memos 4.3 -2022-12-28
CVE-2022-4801 Insufficient Granularity of Access Control in usememos/memos — usememos/memos 4.3 -2022-12-28
CVE-2022-2475 Haas Automation Controller 安全漏洞 — Haas CNC Controller 9.8 Critical2022-10-28
CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control — netmaker 8.8 High2022-09-09
CVE-2022-1461 Non Privilege User can Enable or Disable Registered in openemr/openemr — openemr/openemr 6.5 -2022-04-25
CVE-2022-1177 Accounting User Can Download Patient Reports in openemr in openemr/openemr — openemr/openemr 4.3 -2022-03-30

Vulnerabilities classified as CWE-1220 represent 68 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.