CAPEC-677 Detail

Server Motherboard Compromise

Detailed; Supply Chain; Physical Security; Hardware; Likelihood: Low; Typical Severity: High

Parents: 534

Threats: T78

Description

Malware is inserted in a server motherboard (e.g., in the flash memory) in order to alter server functionality from that intended. The development environment or hardware/software support activity environment is susceptible to an adversary inserting malicious software into hardware components during development or update.

| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-677 | capec | https://capec.mitre.org/data/definitions/677.html | |
| T1195.003 | ATTACK | https://attack.mitre.org/wiki/Technique/T1195/003 | Supply Chain Compromise: Compromise Hardware Supply Chain |
| REF-439 | reference_from_CAPEC | http://www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf | John F. Miller, Supply Chain Attack Framework and Attack Patterns, 2013, The MITRE Corporation |
| REF-660 | reference_from_CAPEC | https://docplayer.net/13041016-Supply-chain-attack-patterns-framework-and-catalog.html | Melinda Reed, John F. Miller, Paul Popick, Supply Chain Attack Patterns: Framework and Catalog, 2014-08, Office of the Assistant Secretary of Defense for Research and Engineering |
| REF-685 | reference_from_CAPEC | https://www.extremetech.com/computing/315860-kaspersky-finds-sophisticated-uefi-malware-in-the-wild | Kaspersky Finds Sophisticated UEFI Malware in the Wild, 2020-10-05, ExtremeTech |

  1. An adversary with access to hardware/software processes and tools within the development or hardware/software support environment can insert malicious software into hardware components during development or update/maintenance.

Integrity
Execute Unauthorized Commands
  1. Malware is inserted into the Unified Extensible Firmware Interface (UEFI) software that resides on a flash memory chip soldered to a computer’s motherboard. UEFI is the first thing to run when a system is booted and is allowed access to almost every part of the operating system. Hence, the malware has extensive control over operating system functions and persists after system reboots. [REF-685]