Dark Mode
Capec-439 Detail
Manipulation During Distribution
Meta Supply Chain Hardware
Children: 522 523 524
Threats: T62 T76 T274 T393
An attacker undermines the integrity of a product, software, or technology at some stage of the distribution channel. The core threat of modification or manipulation during distribution arise from the many stages of distribution, as a product may traverse multiple suppliers and integrators as the final asset is delivered. Components and services provided from a manufacturer to a supplier may be tampered with during integration or packaging.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-439 | capec | https://capec.mitre.org/data/definitions/439.html | |
| CWE-1269 | cwe | http://cwe.mitre.org/data/definitions/1269.html | |
| T1195 | ATTACK | https://attack.mitre.org/wiki/Technique/T1195 | Supply Chain Compromise |
| REF-379 | reference_from_CAPEC | https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1-draft2.pdf | Jon Boyens, Angela Smith, Nadya Bartol, Kris Winkler, Alex Holbrook, Matthew Fallon, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (2nd Draft), 2021--10---28, National Institute of Standards and Technology (NIST) |
| REF-384 | reference_from_CAPEC | SAFECode, The Software Supply Chain Integrity Framework Defining Risks and Responsibilities for Securing Software in the Global Supply Chain, 2009, Safecode.org | |
| REF-382 | reference_from_CAPEC | Marianne Swanson, Nadya Bartol, Rama Moorthy, Piloting Supply Chain Risk Management Practices for Federal Information Systems (Draft NISTIR 7622), 2010, National Institute of Standards and Technology |
Not present
Not present
Not present
Not present
Not present
- A malicious OEM provider, or OEM provider employee or contractor, may install software, or modify existing code, during distribution.
- External contractors involved in the packaging or testing of products or components may install software, or modify existing code, during distribution.