Standardseverity: MediumDraft

CAPEC-166Force the System to Reset Values

Abstraction
Standard
Status
Draft
Severity
Medium

Description

An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions.

Related weaknesses· 3

CWE-306CWE-1221CWE-1232

Related attack patterns· 1

CAPEC-161 (ChildOf)

Exploits3

TypeTargetConfidenceTier
WeaknessIncorrect Register Defaults or Module Parameterscwe-1221100%live
WeaknessMissing Authentication for Critical Functioncwe-306100%live
WeaknessImproper Lock Behavior After Power State Transitioncwe-1232100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Configuration/Environment Manipulation
CAPEC
Connection Reset
CAPEC
Software Integrity Attack
CAPEC
Data Injected During Configuration
CAPEC
Subverting Environment Variable Values
CAPEC
Exploiting Incorrectly Configured Access Control Security Levels
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.