The adversary explores to gauge what level of access they have.
The adversary confirms access to a resource on the target host. The adversary confirms ability to modify the targeted resource.
The adversary decides to leverage the race condition by "running the race", meaning that they would modify the resource between the first time the target program accesses the file and the time the target program uses the file. During that period of time, the adversary can replace the resource and cause an escalation of privilege.
Weakness Name | |
---|---|
Time-of-check Time-of-use (TOCTOU) Race Condition The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state. |
|
Context Switching Race Condition A product performs a series of non-atomic actions to switch between contexts that cross privilege or other security boundaries, but a race condition allows an attacker to modify or misrepresent the product's behavior during the switch. |
|
Race Condition within a Thread If two threads of execution use a resource simultaneously, there exists the possibility that resources may be used while invalid, in turn making the state of execution undefined. |
|
Missing Check for Certificate Revocation after Initial Check The product does not check the revocation status of a certificate after its initial revocation check, which can cause the product to perform privileged actions even after the certificate is revoked at a later time. |
|
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently. |
|
Improper Synchronization The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes. |
|
Insufficient Control Flow Management The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways. |
|
Use of a Non-reentrant Function in a Concurrent Context The product calls a non-reentrant function in a concurrent context in which a competing code sequence (e.g. thread or signal handler) may have an opportunity to call the same function or otherwise influence its state. |
|
Improper Initialization The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. |
Name | Organization | Date | Date Release |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation |
Name | Organization | Date | Comment |
---|---|---|---|
CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
CAPEC Content Team | The MITRE Corporation | Updated Attack_Phases, Attack_Prerequisites, Description Summary, Examples-Instances | |
CAPEC Content Team | The MITRE Corporation | Updated References | |
CAPEC Content Team | The MITRE Corporation | Updated @Abstraction | |
CAPEC Content Team | The MITRE Corporation | Updated Example_Instances, Execution_Flow, Related_Attack_Patterns | |
CAPEC Content Team | The MITRE Corporation | Updated Example_Instances |