CAPEC-531 Detail

Hardware Component Substitution

Detailed | Supply Chain | Physical Security | Hardware

Likelihood: Low

Typical Severity: High

Parents: 534

Children: 530 535

Threats: T62 T68 T78

Description

An attacker replaces a tested and approved hardware component with a maliciously altered hardware component. This type of attack is carried out directly on the system, enabling the attacker to then cause disruption or additional compromise.

| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-531 | capec | https://capec.mitre.org/data/definitions/531.html | |
| T1195.003 | ATTACK | https://attack.mitre.org/wiki/Technique/T1195/003 | Supply Chain Compromise: Compromise Hardware Supply Chain |

  1. Physical access to the system or the integration facility where hardware components are kept.

High: Able to develop and manufacture malicious system components that perform the same functions and processes as their non-malicious counterparts.

  1. An attacker has access to an organization's warehouse of card readers that are to be included as part of an overall security system. By replacing a critical hardware component in the card reader, the attacker is able to alter the function of the card reader to allow an attacker-supplied card to bypass a security checkpoint. The card reader is placed in the warehouse, and later used in the victim's security system. The attacker is then able to go to the victim, use their own card to bypass a physical security checkpoint, and gain access to the victim's location for further malicious activity.