CAPEC-523: Malicious Software Implanted

Description
An attacker implants malicious software into the system in the supply chain distribution channel, with purpose of causing malicious disruption or allowing for additional compromise when the system is deployed.
Extended Description

WS-Addressing is used to virtualize services, provide return addresses and other routing information, however, unless the WS-Addressing headers are protected they are vulnerable to rewriting. Content in a registry is deployed by the service provider. The registry in an SOA or Web Services system can be accessed by the service requester via UDDI or other protocol.

Severity :

High

Possibility :

Low

Type :

Standard
Relationships with other CAPECs

This table shows the other attack patterns and high level categories that are related to this attack pattern.

CAPEC-439: Manipulation During Distribution Manipulation During Distribution
Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Physical access to the system after it has left the manufacturer but before it is deployed at the victim location.
Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • High Advanced knowledge of the design of the system and it's operating system components and subcomponents.
  • High Malicious software creation.
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

ATTACK | Supply Chain Compromise: Compromise Software Supply Chain
Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

Visit http://capec.mitre.org/ for more details.