Standardseverity: Very HighDraft

CAPEC-185Malicious Software Download

Abstraction
Standard
Status
Draft
Severity
Very High

Description

An attacker uses deceptive methods to cause a user or an automated process to download and install dangerous code that originates from an attacker controlled source. There are several variations to this strategy of attack. Metadata: standard CAPEC pattern, status draft, severity very high. Underlying weakness: CWE-494. Related CAPEC patterns: [object Object], [object Object].

Related weaknesses· 1

CWE-494

Related attack patterns· 2

CAPEC-184 (ChildOf)CAPEC-662 (CanPrecede)

Exploits1

TypeTargetConfidenceTier
WeaknessDownload of Code Without Integrity Checkcwe-494100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Malicious Software Update
CAPEC
Malicious Automated Software Update via Redirection
CAPEC
Malicious Software Implanted
CAPEC
Software Integrity Attack
CAPEC
Malicious Manual Software Update
CAPEC
Install Malicious Extension
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.