Detailedlikelihood: Mediumseverity: MediumDraft

CAPEC-648Collect Data from Screen Capture

Abstraction
Detailed
Status
Draft
Likelihood
Medium
Severity
Medium

Description

An adversary gathers sensitive information by exploiting the system's screen capture functionality. Through screenshots, the adversary aims to see what happens on the screen over the course of an operation. The adversary can leverage information gathered in order to carry out further attacks. Metadata: detailed CAPEC pattern, status draft, likelihood medium, severity medium. Underlying weakness: CWE-267. Mapped ATT&CK techniques: [object Object], [object Object]. Related CAPEC pattern: [object Object].

Related weaknesses· 1

CWE-267

MITRE ATT&CK crosswalk· 2

T1113: Screen CaptureT1513: Screen Capture

Related attack patterns· 1

CAPEC-150 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessPrivilege Defined With Unsafe Actionscwe-267100%live

Related to2

TypeTargetConfidenceTier
TechniqueScreen Capturet1113100%live
Techniquet1513100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Collect Data from Clipboard
CAPEC
Capture Credentials via Keylogger
CAPEC
Probe iOS Screenshots
CAPEC
Collect Data from Registries
Technique
Screen Capture
CAPEC
Retrieve Embedded Sensitive Data
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.