Detailedlikelihood: Highseverity: HighDraft

CAPEC-187Malicious Automated Software Update via Redirection

Abstraction
Detailed
Status
Draft
Likelihood
High
Severity
High

Description

An attacker exploits two layers of weaknesses in server or client software for automated update mechanisms to undermine the integrity of the target code-base. The first weakness involves a failure to properly authenticate a server as a source of update or patch content. This type of weakness typically results from authentication mechanisms which can be defeated, allowing a hostile server to satisfy the criteria that establish a trust relationship. The second weakness is a systemic failure to validate the identity and integrity of code downloaded from a remote location, hence the inability to distinguish malicious code from a legitimate update.

Related weaknesses· 1

CWE-494

MITRE ATT&CK crosswalk· 1

T1072: Software Deployment Tools

Related attack patterns· 1

CAPEC-186 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessDownload of Code Without Integrity Checkcwe-494100%live

Related to1

TypeTargetConfidenceTier
TechniqueSoftware Deployment Toolst1072100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Malicious Software Update
CAPEC
Malicious Automated Software Update via Spoofing
CAPEC
Malicious Manual Software Update
CAPEC
Malicious Software Download
CAPEC
Software Integrity Attack
CAPEC
Malicious Hardware Update
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.