Standardlikelihood: Lowseverity: HighStable

CAPEC-534Malicious Hardware Update

Abstraction
Standard
Status
Stable
Likelihood
Low
Severity
High

Description

An adversary introduces malicious hardware during an update or replacement procedure, allowing for additional compromise or site disruption at the victim location. After deployment, it is not uncommon for upgrades and replacements to occur involving hardware and various replaceable parts. These upgrades and replacements are intended to correct defects, provide additional features, and to replace broken or worn-out parts. However, by forcing or tricking the replacement of a good component with a defective or corrupted component, an adversary can leverage known defects to obtain a desired malicious impact.

Related attack patterns· 1

CAPEC-440 (ChildOf)

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Malicious Hardware Component Replacement
CAPEC
Hardware Integrity Attack
CAPEC
Infected Hardware
CAPEC
Malicious Gray Market Hardware
CAPEC
Hardware Component Substitution
CAPEC
Counterfeit Hardware Component Inserted During Product Assembly
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.