
CAPEC-473: Signature Spoof

Abstraction: Standard
Status: Draft

Description

An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions. Metadata: standard CAPEC pattern, status draft. Underlying weaknesses: CWE-20, CWE-327, CWE-290. Mapped ATT&CK techniques: T1036.001, T1553.002. Related CAPEC pattern: CAPEC-151.

Related weaknesses · 3

CWE-20, CWE-327, CWE-290

MITRE ATT&CK crosswalk · 2

T1036.001: Masquerading: Invalid Code Signature
T1553.002: Subvert Trust Controls: Code Signing

Related attack patterns · 1

CAPEC-151 (ChildOf)

Exploits · 3

| Type | Target | Confidence | Tier |
| Weakness | Authentication Bypass by Spoofing (cwe-290) | 100% | live |
| Weakness | Use of a Broken or Risky Cryptographic Algorithm (cwe-327) | 100% | live |
| Weakness | Improper Input Validation (cwe-20) | 100% | live |

Related to · 2

| Type | Target | Confidence | Tier |
| SubTechnique | Code Signing (t1553.002) | 100% | live |
| SubTechnique | Invalid Code Signature (t1036.001) | 100% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Signature Spoofing by Key Theft
CAPEC: Signature Spoofing by Improper Validation
CAPEC: Signature Spoofing by Misrepresentation
CAPEC: Signature Spoofing by Mixing Signed and Unsigned Content
CAPEC: Signature Spoofing by Key Recreation
CAPEC: Checksum Spoofing

Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.