Standardlikelihood: Mediumseverity: HighStable

CAPEC-456Infected Memory

Abstraction
Standard
Status
Stable
Likelihood
Medium
Severity
High

Description

An adversary inserts malicious logic into memory enabling them to achieve a negative impact. This logic is often hidden from the user of the system and works behind the scenes to achieve negative impacts. This pattern of attack focuses on systems already fielded and used in operation as opposed to systems that are still under development and part of the supply chain.

Related weaknesses· 5

CWE-1257CWE-1260CWE-1274CWE-1312CWE-1316

Related attack patterns· 1

CAPEC-441 (ChildOf)

Exploits5

TypeTargetConfidenceTier
WeaknessImproper Access Control Applied to Mirrored or Aliased Memory Regionscwe-1257100%live
WeaknessImproper Handling of Overlap Between Protected Memory Rangescwe-1260100%live
WeaknessFabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Rangescwe-1316100%live
WeaknessMissing Protection for Mirrored Regions in On-Chip Fabric Firewallcwe-1312100%live
WeaknessImproper Access Control for Volatile Memory Containing Boot Codecwe-1274100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Infected Software
CAPEC
Infected Hardware
CAPEC
Malicious Logic Insertion
CAPEC
Infiltration of Hardware Development Environment
CAPEC
Flash Memory Attacks
CAPEC
Targeted Malware
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.