CAPEC-702
Description
An adversary exploits incorrect chaining or granularity of hardware debug components in order to gain unauthorized access to debug functionality on a chip. This happens when authorization is not checked on a per function basis and is assumed for a chain or group of debug functionality.
Prerequisites
Hardware device has an exposed debug interface
Mitigations
Implement: Ensure that debug components are properly chained, and their granularity is maintained at different authorization levels
Perform Post-silicon validation tests at various authorization levels to ensure that debug components are only accessible to authorized users
Skills Required
[Medium] Ability to identify physical debug interfaces on a device
[Medium] Ability to operate devices to scan and connect to an exposed debug interface