Detailedlikelihood: Lowseverity: Very HighStable

CAPEC-665Exploitation of Thunderbolt Protection Flaws

Abstraction
Detailed
Status
Stable
Likelihood
Low
Severity
Very High

Description

Metadata: detailed CAPEC pattern, status stable, likelihood low, severity very high. Underlying weaknesses: CWE-345, CWE-353, CWE-288, CWE-1188, CWE-862. Mapped ATT&CK techniques: [object Object], [object Object], [object Object]. Related CAPEC patterns: [object Object], [object Object], [object Object], [object Object] (and 1 more).

Related weaknesses· 5

CWE-345CWE-353CWE-288CWE-1188CWE-862

MITRE ATT&CK crosswalk· 3

T1211: Exploitation for Defensive EvasionT1542.002: Pre-OS Boot: Component FirmwareT1556: Modify Authentication Process

Related attack patterns· 5

CAPEC-276 (ChildOf)CAPEC-390 (CanFollow)CAPEC-458 (PeerOf)CAPEC-148 (PeerOf)CAPEC-151 (PeerOf)

Exploits5

TypeTargetConfidenceTier
WeaknessMissing Authorizationcwe-862100%live
WeaknessInsufficient Verification of Data Authenticitycwe-345100%live
WeaknessInitialization of a Resource with an Insecure Defaultcwe-1188100%live
WeaknessMissing Support for Integrity Checkcwe-353100%live
WeaknessAuthentication Bypass Using an Alternate Path or Channelcwe-288100%live

Related to3

TypeTargetConfidenceTier
SubTechniqueComponent Firmwaret1542.002100%live
TechniqueModify Authentication Processt1556100%live
TechniqueExploitation for Defense Evasiont1211100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Exploitation of Improperly Controlled Hardware Security Identifiers
CAPEC
Exploitation of Improperly Controlled Registers
CAPEC
Exploitation of Improperly Configured or Implemented Memory Protections
CAPEC
Exploit Non-Production Interfaces
CAPEC
StarJacking
CAPEC
Exploitation of Trusted Identifiers
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.