
CAPEC-37: Retrieve Embedded Sensitive Data

Abstraction: Detailed
Status: Draft
Likelihood: High
Severity: Very High

Description

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack. Metadata: detailed CAPEC pattern, status draft, likelihood high, severity very high. Underlying weaknesses: CWE-226, CWE-311, CWE-525, CWE-312, CWE-314 (and 9 more). Mapped ATT&CK techniques: T1005, T1552.004. Related CAPEC pattern: CAPEC-167.

Related weaknesses · 14

CWE-226, CWE-311, CWE-525, CWE-312, CWE-314, CWE-315, CWE-318, CWE-1239, CWE-1258, CWE-1266, CWE-1272, CWE-1278, CWE-1301, CWE-1330

MITRE ATT&CK crosswalk · 2

T1005: Data from Local System
T1552.004: Unsecured Credentials: Private Keys

Related attack patterns · 1

CAPEC-167 (ChildOf)

Exploits · 14

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| Weakness | Sensitive Information Uncleared Before Debug/Power State Transition (cwe-1272) | 100% | live |
| Weakness | Exposure of Sensitive System Information Due to Uncleared Debug Information (cwe-1258) | 100% | live |
| Weakness | Cleartext Storage of Sensitive Information (cwe-312) | 100% | live |
| Weakness | Cleartext Storage in the Registry (cwe-314) | 100% | live |
| Weakness | Sensitive Information in Resource Not Removed Before Reuse (cwe-226) | 100% | live |
| Weakness | Cleartext Storage of Sensitive Information in a Cookie (cwe-315) | 100% | live |
| Weakness | Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques (cwe-1278) | 100% | live |
| Weakness | Improper Zeroization of Hardware Register (cwe-1239) | 100% | live |
| Weakness | Insufficient or Incomplete Data Removal within Hardware Component (cwe-1301) | 100% | live |
| Weakness | Use of Web Browser Cache Containing Sensitive Information (cwe-525) | 100% | live |
| Weakness | Missing Encryption of Sensitive Data (cwe-311) | 100% | live |
| Weakness | Remanent Data Readable after Memory Erase (cwe-1330) | 100% | live |
| Weakness | Cleartext Storage of Sensitive Information in Executable (cwe-318) | 100% | live |
| Weakness | Improper Scrubbing of Sensitive Data from Decommissioned Device (cwe-1266) | 100% | live |

Related to · 2

| Type | Target | Confidence | Tier |
| --- | --- | --- | --- |
| SubTechnique | Private Keys (t1552.004) | 100% | live |
| Technique | Data from Local System (t1005) | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin)
CAPEC: Excavation
CAPEC: Lifting Sensitive Data Embedded in Cache
CAPEC: Probe System Files
CAPEC: Read Sensitive Constants Within an Executable
CAPEC: Utilizing REST's Trust in the System Resource to Obtain Sensitive Data

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.