615 indexed
CAPECCAPEC attack patterns
615 MITRE CAPEC entries — attack patterns at meta, standard, and detailed abstraction levels. Filter by abstraction. Authored by Adam Lundqvist.
Showing 551–600 of 615 · page 12 of 13
| ID | Title | Summary |
|---|---|---|
| CAPEC-667 | Bluetooth Impersonation AttackS (BIAS) | An adversary disguises the MAC address of their Bluetooth enabled device to one for which there exists an active and trusted connection and authenticates succe… |
| CAPEC-668 | Key Negotiation of Bluetooth Attack (KNOB) | An adversary can exploit a flaw in Bluetooth key negotiation allowing them to decrypt information sent between two devices communicating via Bluetooth. The adv… |
| CAPEC-669 | Alteration of a Software Update | Metadata: standard CAPEC pattern, status draft, likelihood medium, severity high. Mapped ATT&CK technique: [object Object]. Related CAPEC patterns: [object Obj… |
| CAPEC-67 | String Format Overflow in syslog() | This attack targets applications and software that uses the syslog() function insecurely. If an application does not explicitely use a format string parameter … |
| CAPEC-670 | Software Development Tools Maliciously Altered | An adversary with the ability to alter tools used in a development environment causes software to be developed with maliciously modified tools. Such tools incl… |
| CAPEC-671 | Requirements for ASIC Functionality Maliciously Altered | An adversary with access to functional requirements for an application specific integrated circuit (ASIC), a chip designed/customized for a singular particular… |
| CAPEC-672 | Malicious Code Implanted During Chip Programming | Metadata: detailed CAPEC pattern, status draft, likelihood low, severity high. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object]… |
| CAPEC-673 | Developer Signing Maliciously Altered Software | Metadata: detailed CAPEC pattern, status draft, likelihood medium, severity high. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Obje… |
| CAPEC-674 | Design for FPGA Maliciously Altered | Metadata: detailed CAPEC pattern, status stable, likelihood low, severity high. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object… |
| CAPEC-675 | Retrieve Data from Decommissioned Devices | Metadata: standard CAPEC pattern, status stable, likelihood medium, severity medium. Underlying weakness: CWE-1266. Mapped ATT&CK technique: [object Object]. R… |
| CAPEC-676 | NoSQL Injection | Metadata: standard CAPEC pattern, status stable, likelihood high, severity high. Underlying weaknesses: CWE-943, CWE-1286. Related CAPEC pattern: [object Objec… |
| CAPEC-677 | Server Motherboard Compromise | Metadata: detailed CAPEC pattern, status draft, likelihood low, severity high. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object]… |
| CAPEC-678 | System Build Data Maliciously Altered | Metadata: detailed CAPEC pattern, status draft, likelihood low, severity high. Mapped ATT&CK technique: [object Object]. Related CAPEC pattern: [object Object]… |
| CAPEC-679 | Exploitation of Improperly Configured or Implemented Memory Protections | Metadata: detailed CAPEC pattern, status draft, likelihood medium, severity very high. Underlying weaknesses: CWE-1222, CWE-1252, CWE-1257, CWE-1260, CWE-1274 … |
| CAPEC-68 | Subvert Code-signing Facilities | Many languages use code signing facilities to vouch for code's identity and to thus tie code to its assigned privileges within an environment. Subverting this … |
| CAPEC-680 | Exploitation of Improperly Controlled Registers | Metadata: detailed CAPEC pattern, status draft, likelihood medium, severity high. Underlying weaknesses: CWE-1224, CWE-1231, CWE-1233, CWE-1262, CWE-1283. Rela… |
| CAPEC-681 | Exploitation of Improperly Controlled Hardware Security Identifiers | Metadata: detailed CAPEC pattern, status draft, likelihood medium, severity very high. Underlying weaknesses: CWE-1259, CWE-1267, CWE-1270, CWE-1294, CWE-1302.… |
| CAPEC-682 | Exploitation of Firmware or ROM Code with Unpatchable Vulnerabilities | An adversary may exploit vulnerable code (i.e., firmware or ROM) that is unpatchable. Unpatchable devices exist due to manufacturers intentionally or inadverte… |
| CAPEC-69 | Target Programs with Elevated Privileges | This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to… |
| CAPEC-690 | Metadata Spoofing | Metadata: meta CAPEC pattern, status stable, likelihood medium, severity high. Metadata: meta CAPEC pattern, status stable, likelihood medium, severity high. |
| CAPEC-691 | Spoof Open-Source Software Metadata | Metadata: standard CAPEC pattern, status stable, likelihood medium, severity high. Underlying weakness: CWE-494. Mapped ATT&CK techniques: [object Object], [ob… |
| CAPEC-692 | Spoof Version Control System Commit Metadata | Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weakness: CWE-494. Related CAPEC pattern: [object Object]. Metad… |
| CAPEC-693 | StarJacking | Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weakness: CWE-494. Related CAPEC pattern: [object Object]. Metad… |
| CAPEC-694 | System Location Discovery | Metadata: standard CAPEC pattern, status stable, likelihood high, severity very low. Underlying weakness: CWE-497. Mapped ATT&CK technique: [object Object]. Re… |
| CAPEC-695 | Repo Jacking | Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-494, CWE-829. Mapped ATT&CK technique: [object Ob… |
| CAPEC-696 | Load Value Injection | An adversary exploits a hardware design flaw in a CPU implementation of transient instruction execution in which a faulting or assisted load instruction transi… |
| CAPEC-697 | DHCP Spoofing | Metadata: standard CAPEC pattern, status stable, likelihood low, severity high. Underlying weakness: CWE-923. Mapped ATT&CK technique: [object Object]. Related… |
| CAPEC-698 | Install Malicious Extension | Metadata: detailed CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-507, CWE-829. Mapped ATT&CK techniques: [object O… |
| CAPEC-699 | Eavesdropping on a Monitor | An Adversary can eavesdrop on the content of an external monitor through the air without modifying any cable or installing software, just capturing this signal… |
| CAPEC-7 | Blind SQL Injection | Blind SQL Injection results from an insufficient mitigation for SQL Injection. Although suppressing database error messages are considered best practice, the s… |
| CAPEC-70 | Try Common or Default Usernames and Passwords | An adversary may try certain common or default usernames and passwords to gain access into the system and perform unauthorized actions. An adversary may try an… |
| CAPEC-700 | Network Boundary Bridging | An adversary which has gained elevated access to network boundary devices may use these devices to create a channel to bridge trusted and untrusted networks. B… |
| CAPEC-701 | Browser in the Middle (BiTM) | An adversary exploits the inherent functionalities of a web browser, in order to establish an unnoticed remote desktop connection in the victim's browser to th… |
| CAPEC-702 | Exploiting Incorrect Chaining or Granularity of Hardware Debug Components | Metadata: detailed CAPEC pattern, status draft, likelihood low, severity medium. Underlying weakness: CWE-1296. Related CAPEC pattern: [object Object]. Metada… |
| CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic | An attacker may provide a Unicode string to a system component that is not Unicode aware and use that to circumvent the filter or cause the classifying mechani… |
| CAPEC-72 | URL Encoding | This attack targets the encoding of the URL. An adversary can take advantage of the multiple way of encoding an URL and abuse the interpretation of the URL. M… |
| CAPEC-73 | User-Controlled Filename | An attack of this type involves an adversary inserting malicious characters (such as a XSS redirection) into a filename, directly or indirectly that is then us… |
| CAPEC-74 | Manipulating State | Metadata: meta CAPEC pattern, status stable, likelihood medium, severity high. Underlying weaknesses: CWE-372, CWE-315, CWE-353, CWE-693, CWE-1245 (and 3 more)… |
| CAPEC-75 | Manipulating Writeable Configuration Files | Generally these are manually edited files that are not in the preview of the system administrators, any ability on the attackers' behalf to modify these files,… |
| CAPEC-76 | Manipulating Web Input to File System Calls | An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perha… |
| CAPEC-77 | Manipulating User-Controlled Variables | This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted que… |
| CAPEC-78 | Using Escaped Slashes in Alternate Encoding | This attack targets the use of the backslash in alternate encoding. An adversary can provide a backslash as a leading character and causes a parser to believe … |
| CAPEC-79 | Using Slashes in Alternate Encoding | This attack targets the encoding of the Slash characters. An adversary would try to exploit common filtering problems related to the use of the slashes charact… |
| CAPEC-8 | Buffer Overflow in an API Call | This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An adversary who has knowledge of known vulnerable librar… |
| CAPEC-80 | Using UTF-8 Encoding to Bypass Validation Logic | This attack is a specific variation on leveraging alternate encodings to bypass validation logic. This attack leverages the possibility to encode potentially h… |
| CAPEC-81 | Web Server Logs Tampering | Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking o… |
| CAPEC-82 | DEPRECATED: Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Service (XDoS)) | This attack pattern has been deprecated as it a generalization of CAPEC-230: XML Nested Payloads, CAPEC-231: XML Oversized Payloads, and CAPEC-147: XML Ping of… |
| CAPEC-83 | XPath Injection | An attacker can craft special user-controllable input consisting of XPath expressions to inject the XML database and bypass authentication or glean information… |
| CAPEC-84 | XQuery Injection | This attack utilizes XQuery to probe and attack server systems; in a similar manner that SQL Injection allows an attacker to exploit SQL calls to RDBMS, XQuery… |
| CAPEC-85 | AJAX Footprinting | This attack utilizes the frequent client-server roundtrips in Ajax conversation to scan a system. While Ajax does not open up new vulnerabilities per se, it do… |