Base · Incomplete

CWE-507: Trojan Horse

Category: other

Description

The product appears to contain benign or useful functionality, but it also contains code that is hidden from normal operation that violates the intended security policy of the user or the system administrator.

Common consequences · 1

  • Confidentiality / Integrity / Availability — Execute Unauthorized Code or Commands

Potential mitigations · 2

  • [Operation] Most antivirus software scans for Trojan Horses.
  • [Installation] Verify the integrity of the product that is being installed.

Related CAPEC attack patterns · 1

CAPEC-698

References

  1. https://cwe.mitre.org/data/definitions/507.html

Exploits (incoming) · 1

Type | Target | Confidence | Tier
AttackPattern | Install Malicious Extension (capec-698) | 100% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  • CWE: Use of Potentially Dangerous Function
  • CWE: Dependency on Vulnerable Third-Party Component
  • CWE: Insertion of Sensitive Information into Externally-Accessible File or Directory
  • CWE: Execution with Unnecessary Privileges
  • CWE: Reliance on Insufficiently Trustworthy Component
  • CWE: Use of Low-Level Functionality

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.