1. Home
  2. CWE Database
  3. CWE-1245
Base · Medium

CWE-1245: Improper Finite State Machines (FSMs) in Hardware Logic

Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim's system.

CWE-1245 · Base Level ·1 Mitigations

Description

Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim's system.

The functionality and security of the system heavily depend on the implementation of FSMs. FSMs can be used to indicate the current security state of the system. Lots of secure data operations and data transfers rely on the state reported by the FSM.

Potential Impact

Availability, Access Control

Unexpected State, DoS: Crash, Exit, or Restart, DoS: Instability, Gain Privileges or Assume Identity

Demonstrative Examples

The Finite State Machine (FSM) shown in the "bad" code snippet below assigns the output ("out") based on the value of state, which is determined based on the user provided input ("user_input").
Bad
module fsm_1(out, user_input, clk, rst_n);
					  input [2:0] user_input; 
					  input clk, rst_n;
					  output reg [2:0] out;
					  reg [1:0] state;
					  always @ (posedge clk or negedge rst_n )
					  
					  begin
					  
					  
						if (!rst_n)
						
						  state = 3'h0;
						
						else
						case (user_input)
						
						  3'h0:
						  3'h1:
						  3'h2:
						  3'h3: state = 2'h3;
						  3'h4: state = 2'h2;
						  3'h5: state = 2'h1;
						
						endcase
					  
					  end
					  out <= {1'h1, state};
					  
					  endmodule
Good
case (user_input)
					  3'h0:
					  3'h1:
					  3'h2:
					  3'h3: state = 2'h3;
					  3'h4: state = 2'h2;
					  3'h5: state = 2'h1;
					  default: state = 2'h0;
					
					  endcase

Mitigations & Prevention

Architecture and DesignImplementation High

Define all possible states and handle all unused states through default statements. Ensure that system defaults to a secure state.

CWE-684: Incorrect Provision of Specified Functionality

The code does not function according to its published specifications, potentially leading to incorrect usage.

Frequently Asked Questions

What is CWE-1245?

CWE-1245 (Improper Finite State Machines (FSMs) in Hardware Logic) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Base-level weakness. Faulty finite state machines (FSMs) in the hardware logic allow an attacker to put the system in an undefined state, to cause a denial of service (DoS) or gain privileges on the victim's system.

How can CWE-1245 be exploited?

Attackers can exploit CWE-1245 (Improper Finite State Machines (FSMs) in Hardware Logic) to unexpected state, dos: crash, exit, or restart, dos: instability, gain privileges or assume identity. This weakness is typically introduced during the Architecture and Design, Implementation phase of software development.

How do I prevent CWE-1245?

Key mitigations include: Define all possible states and handle all unused states through default statements. Ensure that system defaults to a secure state.

What is the severity of CWE-1245?

CWE-1245 is classified as a Base-level weakness (Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.