Detailedlikelihood: Mediumseverity: HighStable

CAPEC-654Credential Prompt Impersonation

Abstraction
Detailed
Status
Stable
Likelihood
Medium
Severity
High

Description

An adversary, through a previously installed malicious application, impersonates a credential prompt in an attempt to steal a user's credentials. Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weakness: CWE-1021. Mapped ATT&CK techniques: [object Object], [object Object]. Related CAPEC pattern: [object Object].

Related weaknesses· 1

CWE-1021

MITRE ATT&CK crosswalk· 2

T1056: Input CaptureT1548.004: Abuse Elevation Control Mechanism: Elevated Execution with Prompt

Related attack patterns· 1

CAPEC-504 (ChildOf)

Exploits1

TypeTargetConfidenceTier
WeaknessImproper Restriction of Rendered UI Layers or Framescwe-1021100%live

Related to2

TypeTargetConfidenceTier
SubTechniqueElevated Execution with Promptt1548.004100%live
TechniqueInput Capturet1056100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Task Impersonation
CAPEC
Use of Known Operating System Credentials
CAPEC
Use of Known Domain Credentials
CAPEC
Capture Credentials via Keylogger
CAPEC
Token Impersonation
CAPEC
Credential Stuffing
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.