Firmware Manipulation via Debug Interface due to Flash Memory Read-Out Protection Vulnerabilities
Description
Firmware Manipulation via Debug Interface due to Flash Memory Read-Out Protection Vulnerabilities
CWE
CVE
Attack Surfaces
Debug Interface (MITRE EMB3D PID-15)
Controller Implementation (MITRE EMB3D PID-11)
Attack Vectors
Firmware Execution
ROM Extraction (MITRE EMB3D TID-108)
Firmware Rollback (MITRE EMB3D TID-216)
Defenses
Protection against Flawed Read-out Protection, Store the OTP Secrets Encrypted in Flash Memory and Derive the Key from a PIN
Prevent Offline Brute-Force Attacks, Require Minimum PIN Length, Use a Hash-Based Key Derivation Function