CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections

Description
<p>An adversary takes advantage of missing or incorrectly configured access control within memory to read/write data or inject malicious code into said memory.<p>
Extended Description

Hardware product designs often need to implement memory protection features to prevent users from reading and modifying memory reserved for security operations such as secure booting, authenticating code, device attestation, and more. However, these protection features may be missing if not configured by developers. For example, this can occur if the developers assume these features are configured elsewhere. Additionally, developers often attempt to impose proper protection features, but may incorrectly configure these controls. One such example would be setting controls with insufficient granularity for protected address regions. If an adversary is able to discover improper access controls surrounding memory, it could result in the adversary obtaining sensitive data, executing code, circumventing security mechanisms, escalating privileges, or even denying service to higher privilege software.

Severity :

Very High

Possibility :

Medium

Type :

Detailed
Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Access to the hardware being leveraged.
Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Medium Ability to craft malicious code to inject into the memory region.
  • High Intricate knowledge of memory structures.
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Visit http://capec.mitre.org/ for more details.

© cvefeed.io
Latest DB Update: Dec. 23, 2024 2:59