CAPEC-531: Hardware Component Substitution

Detailed Draft 严重程度: High 攻击可能性: Low

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

An attacker substitutes out a tested and approved hardware component for a maliciously-altered hardware component. This type of attack is carried out directly on the system, enabling the attacker to then cause disruption or additional compromise.

前提条件

  • Physical access to the system or the integration facility where hardware components are kept.

所需技能

High Able to develop and manufacture malicious system components that perform the same functions and processes as their non-malicious counterparts.

示例实例

An attacker has access to an organization's warehouse of card readers being included as a part of an overall security system. By replacing a critical hardware component in the card reader, the attacker is able to alter the function of the card reader to allow an attacker-supplied card to bypass a security checkpoint. The card reader is placed in the warehouse, and later used in the victim's security system. The attacker is then able to go to the victim and use their own card and bypass a physical security checkpoint and gain access to the victim's location for further malicious activity.

分类映射

分类名称 条目ID 条目名称
ATTACK 1195.003 Supply Chain Compromise: Compromise Hardware Supply Chain
关键信息

CAPEC ID: CAPEC-531

抽象级别: Detailed

状态: Draft

典型严重程度: High

攻击可能性: Low

相关攻击模式
ChildOf CAPEC-534

Malicious Hardware Update

Standard
返回列表