Detailedlikelihood: Mediumseverity: MediumDraft

CAPEC-647Collect Data from Registries

Abstraction
Detailed
Status
Draft
Likelihood
Medium
Severity
Medium

Description

An adversary exploits a weakness in authorization to gather system-specific data and sensitive information within a registry (e.g., Windows Registry, Mac plist). These contain information about the system configuration, software, operating system, and security. The adversary can leverage information gathered in order to carry out further attacks.

Related weaknesses· 1

CWE-285

MITRE ATT&CK crosswalk· 3

T1005: Data from Local SystemT1012: Query RegistryT1552.002: Unsecured Credentials: Credentials in Registry

Related attack patterns· 1

CAPEC-150 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessImproper Authorizationcwe-285100%live

Related to3

TypeTargetConfidenceTier
TechniqueQuery Registryt1012100%live
TechniqueData from Local Systemt1005100%live
SubTechniqueCredentials in Registryt1552.002100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Manipulate Registry Information
CAPEC
Collect Data from Clipboard
CAPEC
Collect Data as Provided by Users
CAPEC
Pull Data from System Resources
CAPEC
Collect Data from Screen Capture
CAPEC
Collect Data from Common Resource Locations
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.