Detailedlikelihood: Lowseverity: HighStable

CAPEC-532Altered Installed BIOS

Abstraction
Detailed
Status
Stable
Likelihood
Low
Severity
High

Description

An attacker with access to download and update system software sends a maliciously altered BIOS to the victim or victim supplier/integrator, which when installed allows for future exploitation. Metadata: detailed CAPEC pattern, status stable, likelihood low, severity high. Mapped ATT&CK techniques: [object Object], [object Object]. Related CAPEC pattern: [object Object].

MITRE ATT&CK crosswalk· 2

T1495: Firmware CorruptionT1542.001: Pre-OS Boot:System Firmware

Related attack patterns· 1

CAPEC-444 (ChildOf)

Related to2

TypeTargetConfidenceTier
SubTechniqueSystem Firmwaret1542.001100%live
TechniqueFirmware Corruptiont1495100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Malicious Hardware Update
CAPEC
Malicious Code Implanted During Chip Programming
CAPEC
Hardware Component Substitution
CAPEC
System Build Data Maliciously Altered
CAPEC
Malicious Hardware Component Replacement
CAPEC
Alteration of a Software Update
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.