Standardlikelihood: Lowseverity: HighDraft

CAPEC-523Malicious Software Implanted

Abstraction
Standard
Status
Draft
Likelihood
Low
Severity
High

Description

An attacker implants malicious software into the system in the supply chain distribution channel, with purpose of causing malicious disruption or allowing for additional compromise when the system is deployed. Metadata: standard CAPEC pattern, status draft, likelihood low, severity high. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object].

MITRE ATT&CK crosswalk· 1

T1195.002: Supply Chain Compromise: Compromise Software Supply Chain

Related attack patterns· 1

CAPEC-439 (ChildOf)

Related to1

TypeTargetConfidenceTier
SubTechniqueCompromise Software Supply Chaint1195.002100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Malicious Hardware Component Replacement
CAPEC
Malicious Code Implanted During Chip Programming
CAPEC
Malicious Software Download
CAPEC
Malicious Software Update
CAPEC
Infected Software
CAPEC
Malicious Logic Insertion into Product Software via Configuration Management Manipulation
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.