CAPEC-533

Malicious Manual Software Update
Low
High
Draft
2014-06-23
00h00 +00:00
2022-02-22
00h00 +00:00

CAPEC Descriptions

An attacker introduces malicious code to the victim's system by altering the payload of a software update, allowing for additional compromise or site disruption at the victim location. These manual, or user-assisted, attacks range from requiring the user to download and run an executable to something as streamlined as tricking the user into clicking a URL. Attacks that aim to penetrate a specific network infrastructure often rely on secondary attack methods to achieve the desired impact. Spamming, for example, is a common method employed as a secondary attack vector. Thus the attacker has in their arsenal a choice of initial attack vectors, ranging from traditional SMTP/POP/IMAP spamming and its varieties to web-application mechanisms, which commonly implement both chat and rich HTML messaging within the user interface.

CAPEC Information

Prerequisites

Advanced knowledge about the download and update installation processes.
Advanced knowledge about the deployed system and its various software subcomponents and processes.

Skills Required

Able to develop malicious code that can be used on the victim's system while maintaining normal functionality.

Mitigations

Only accept software updates from an official source.

Related Weaknesses

CWE-ID Weakness Name

CWE-494

Download of Code Without Integrity Check
The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

References

REF-710

Fake Microsoft update used in malicious email attack campaign
Sean Endicott.
https://www.msn.com/en-us/news/technology/fake-microsoft-update-used-in-malicious-email-attack-campaign/ar-AALTcVs

Submission

Name Organization Date Release Date
CAPEC Content Team The MITRE Corporation 2014-06-23 +00:00

Modifications

Name Organization Date Comment
CAPEC Content Team The MITRE Corporation 2015-11-09 +00:00 Updated Attack_Prerequisites, Attacker_Skills_or_Knowledge_Required, Description Summary, Examples-Instances, References, Related_Attack_Patterns, Typical_Likelihood_of_Exploit
CAPEC Content Team The MITRE Corporation 2019-04-04 +00:00 Updated Related_Weaknesses
CAPEC Content Team The MITRE Corporation 2020-07-30 +00:00 Updated Description
CAPEC Content Team The MITRE Corporation 2022-02-22 +00:00 Updated Example_Instances, Mitigations, References