Detailedlikelihood: Mediumseverity: HighStable

CAPEC-698Install Malicious Extension

Abstraction
Detailed
Status
Stable
Likelihood
Medium
Severity
High

Description

Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-507, CWE-829. Mapped ATT&CK techniques: [object Object], [object Object]. Related CAPEC pattern: [object Object]. Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-507, CWE-829. Mapped ATT&CK techniques: [object Object], [object Object]. Related CAPEC pattern: [object Object].

Related weaknesses· 2

CWE-507CWE-829

MITRE ATT&CK crosswalk· 2

T1176: Browser ExtensionsT1505.004: Server Software Component: IIS Components

Related attack patterns· 1

CAPEC-542 (ChildOf)

Exploits2

TypeTargetConfidenceTier
WeaknessTrojan Horsecwe-507100%live
WeaknessInclusion of Functionality from Untrusted Control Spherecwe-829100%live

Related to2

TypeTargetConfidenceTier
TechniqueBrowser Extensionst1176100%live
SubTechniqueIIS Componentst1505.004100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Malicious Logic Insertion into Product via Inclusion of Third-Party Component
CAPEC
Server Side Request Forgery
CAPEC
System Build Data Maliciously Altered
CAPEC
Exploit Non-Production Interfaces
CAPEC
Malicious Software Download
CAPEC
Developer Signing Maliciously Altered Software
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.