CAPEC-519: Documentation Alteration to Cause Errors in System Design
CAPEC Version: 3.9
Last Updated: 2023-01-24
Attack Pattern Description
An attacker with access to a manufacturer's documentation containing requirements allocation and software design processes maliciously alters the documentation in order to cause errors in system design. This allows the attacker to take advantage of a weakness in a deployed system of the manufacturer for malicious purposes.
Prerequisites
- Advanced knowledge of software capabilities of a manufacturer's product.
- Access to the manufacturer's documentation.
Skills Required
Mitigations
Digitize documents and cryptographically sign them to verify authenticity.
Password-protect documents and make them read-only for unauthorized users.
Avoid emailing important documents and configurations.
Ensure deleted files are actually deleted.
Maintain multiple instances of the document across different privileged users for recovery and verification.
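The signing and multiple-copy mitigations above can be combined into one check, shown here as an added example that is not part of the CAPEC entry: each custodian's copy is compared against an authenticated manifest digest. HMAC-SHA256 stands in for a real digital signature so the code runs with the standard library only; the key, file name, custodian names and document text are all constructed.

```python
import hashlib
import hmac

def digest(data: bytes) -> str:
    """SHA-256 of a document's bytes, hex-encoded."""
    return hashlib.sha256(data).hexdigest()

def sign_manifest(key: bytes, doc_name: str, doc_digest: str) -> str:
    """Tag binding a document name to its digest (HMAC stands in for a signature)."""
    msg = f"{doc_name}\n{doc_digest}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def audit_copies(key, doc_name, manifest_digest, manifest_tag, copies):
    """Return (manifest_ok, per-custodian status, custodian to recover from)."""
    expected = sign_manifest(key, doc_name, manifest_digest)
    if not hmac.compare_digest(expected, manifest_tag):
        # The reference digest itself is unauthenticated: trust no comparison.
        return False, {}, None
    status = {}
    for custodian, data in copies.items():
        same = hmac.compare_digest(digest(data), manifest_digest)
        status[custodian] = "ok" if same else "altered"
    intact = sorted(c for c, s in status.items() if s == "ok")
    return True, status, (intact[0] if intact else None)

# Constructed sample data: one requirement line, three custodians' copies.
KEY = b"constructed-demo-key"
DOC_NAME = "fw-design.txt"
ORIGINAL = b"REQ-12: if a rule reload fails, the firewall MUST fail closed.\n"
TAMPERED = b"REQ-12: if a rule reload fails, the firewall MAY fail open.\n"
COPIES = {"alice": ORIGINAL, "bob": TAMPERED, "carol": ORIGINAL}
MANIFEST_DIGEST = digest(ORIGINAL)
MANIFEST_TAG = sign_manifest(KEY, DOC_NAME, MANIFEST_DIGEST)

if __name__ == "__main__":
    ok, status, source = audit_copies(KEY, DOC_NAME, MANIFEST_DIGEST, MANIFEST_TAG, COPIES)
    print("manifest authentic:", ok)
    for custodian, state in status.items():
        print(f"  {custodian}: {state}")
    print("recover from:", source)
```

In a real deployment the manifest would carry an asymmetric signature, so that people who verify documents never hold the key that can sign them.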
Example Instances
During operation, a firewall will restart various subsystems to reload and implement new rules as added by the user. An attacker alters the software design dependencies in the manufacturer's documentation so that, under certain predictable conditions, the reload fails to load the rules, resulting in a "fail open" state. Once the product is deployed at a victim site, this allows the attacker to bypass the victim's firewall.