CAPEC-626: Smudge Attack

Detailed Draft

CAPEC版本: 3.9

更新日期: 2023-01-24

攻击模式描述

Attacks that reveal the password/passcode pattern on a touchscreen device by detecting oil smudges left behind by the user’s fingers.

前提条件

  • The attacker must have physical access to the device.

所需技能

Medium The attacker must know how to make use of these smudges.

后果影响

影响范围: Access Control

技术影响: Bypass Protection Mechanism

缓解措施

Strong physical security of the device.

关键信息

CAPEC ID: CAPEC-626

抽象级别: Detailed

状态: Draft

相关攻击模式
ChildOf CAPEC-395

Bypassing Electronic Locks and Access Controls

Standard
返回列表