Detailedlikelihood: Lowseverity: HighDraft

CAPEC-537Infiltration of Hardware Development Environment

Abstraction
Detailed
Status
Draft
Likelihood
Low
Severity
High

Description

An adversary, leveraging the ability to manipulate components of primary support systems and tools within the development and production environments, inserts malicious software within the hardware and/or firmware development environment. The infiltration purpose is to alter developed hardware components in a system destined for deployment at the victim's organization, for the purpose of disruption or further compromise.

MITRE ATT&CK crosswalk· 1

T1195.003: Supply Chain Compromise: Compromise Hardware Supply Chain

Related attack patterns· 1

CAPEC-444 (ChildOf)

Related to1

TypeTargetConfidenceTier
SubTechniqueCompromise Hardware Supply Chaint1195.003100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Infiltration of Software Development Environment
CAPEC
Infected Hardware
CAPEC
Development Alteration
CAPEC
Software Development Tools Maliciously Altered
CAPEC
Malicious Hardware Update
CAPEC
Counterfeit Hardware Component Inserted During Product Assembly
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.