Dark Mode

Settings

Capec-184 Detail

Software Integrity Attack

Meta Social Engineering Supply Chain Software Typical Severity: Low

Children: 185 186 663 669

Threats: T62 T79 T257 T260 T262 T269 T270 T271 T272 T273 T287 T290 T301 T304 T306 T337 T391 T406

Description

An attacker initiates a series of events designed to cause a user, program, server, or device to perform actions which undermine the integrity of software code, device data structures, or device firmware, achieving the modification of the target's integrity to achieve an insecure state.

Not present

External ID Source Link Description
CAPEC-184 capec https://capec.mitre.org/data/definitions/184.html
CWE-494 cwe http://cwe.mitre.org/data/definitions/494.html

Not present

Not present

  1. Software Integrity Attacks are usually a late stage focus of attack activity which depends upon the success of a chain of prior events. The resources required to perform the attack vary with respect to the overall attack strategy, existing countermeasures which must be bypassed, and the success of early phase attack vectors.
Medium
Manual or user-assisted attacks require deceptive mechanisms to trick the user into clicking a link or downloading and installing software. Automated update attacks require the attacker to host a payload and then trigger the installation of the payload code.

Not present

Not present

We use cookies to ensure you get the best experience on our website.