Detailedlikelihood: Highseverity: Very HighStable
CAPEC-13Subverting Environment Variable Values
Abstraction
Detailed
Status
Stable
Likelihood
High
Severity
Very High
Description
The adversary directly or indirectly modifies environment variables used by or controlling the target software. The adversary's goal is to cause the target software to deviate from its expected operation in a manner that benefits the adversary.
Metadata: detailed CAPEC pattern, status stable, likelihood high, severity very high. Underlying weaknesses: CWE-353, CWE-285, CWE-302, CWE-74, CWE-15 (and 3 more). Mapped ATT&CK techniques: [object Object], [object Object], [object Object]. Related CAPEC patterns: [object Object], [object Object], [object Object].
Related weaknesses· 8
MITRE ATT&CK crosswalk· 3
Related attack patterns· 3
Exploits8
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Missing Support for Integrity Checkcwe-353 | 100% | live |
| Weakness | Exposure of Sensitive Information to an Unauthorized Actorcwe-200 | 100% | live |
| Weakness | External Control of File Name or Pathcwe-73 | 100% | live |
| Weakness | External Control of System or Configuration Settingcwe-15 | 100% | live |
| Weakness | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')cwe-74 | 100% | live |
| Weakness | Authentication Bypass by Assumed-Immutable Datacwe-302 | 100% | live |
| Weakness | Improper Authorizationcwe-285 | 100% | live |
| Weakness | Improper Input Validationcwe-20 | 100% | live |
Related to3
| Type | Target | Confidence | Tier |
|---|---|---|---|
| SubTechnique | Path Interception by PATH Environment Variablet1574.007 | 100% | live |
| SubTechnique | Impair Command History Loggingt1562.003 | 100% | live |
| SubTechnique | Dynamic Linker Hijackingt1574.006 | 100% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.