CAPEC-439: Manipulation During Distribution
CAPEC版本: 3.9
更新日期: 2023-01-24
攻击模式描述
An attacker undermines the integrity of a product, software, or technology at some stage of the distribution channel. The core threat of modification or manipulation during distribution arise from the many stages of distribution, as a product may traverse multiple suppliers and integrators as the final asset is delivered. Components and services provided from a manufacturer to a supplier may be tampered with during integration or packaging.
示例实例
A malicious OEM provider, or OEM provider employee or contractor, may install software, or modify existing code, during distribution.
External contractors involved in the packaging or testing of products or components may install software, or modify existing code, during distribution.
分类映射
| 分类名称 | 条目ID | 条目名称 |
|---|---|---|
| ATTACK | 1195 | Supply Chain Compromise |