Improper isolation of shared resources on a system on a chip by a malicious local attacker with high privileges could potentially lead to a partial loss of integrity.
Weakness
The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.
Extended Description
A System-On-a-Chip (SoC) has a lot of functionality, but it may have a limited number of pins or pads. A pin can only perform one function at a time. However, it can be configured to perform multiple different functions. This technique is called pin multiplexing. Similarly, several resources on the chip may be shared to multiplex and support different features or functions. When such resources are shared between trusted and untrusted agents, untrusted agents may be able to access the assets intended to be accessed only by the trusted agents.
Potential Mitigations
- When sharing resources, avoid mixing agents of varying trust levels.
- Untrusted agents should not share resources with trusted agents.