{'xhtml:p': 'An adversary exploits a sample, demonstration, test, or debug interface that is unintentionally enabled on a production system, with the goal of gleaning information or leveraging functionality that would otherwise be unavailable.'}
Description
Attack Execution Flow
2
1
Step 1
Explore[Determine Vulnerable Interface] An adversary explores a target system for sample or test interfaces that have not been disabled by a system administrator and which may be exploitable by the adversary.
If needed, the adversary explores an organization's network to determine if any specific systems of interest exist.
AI Translation
[Determina l'Interfaccia Vulnerabile] Un avversario esplora un sistema target alla ricerca di interfacce di esempio o di test che non siano state disabilitate dall'amministratore di sistema e che possano essere sfruttate dall'avversario.
Se necessario, l'avversario esplora la rete di un'organizzazione per determinare se esistano sistemi di interesse specifico.
Attack Techniques
-
If needed, the adversary explores an organization's network to determine if any specific systems of interest exist.
2
Step 2
Exploit[Leverage Test Interface to Execute Attacks] Once an adversary has discovered a system with a non-production interface, the interface is leveraged to exploit the system and/or conduct various attacks.
The adversary can leverage the sample or test interface to conduct several types of attacks such as Adversary-in-the-Middle attacks (CAPEC-94), keylogging, Cross Site Scripting (XSS), hardware manipulation attacks, and more.
AI Translation
[Utilizzo dell'interfaccia di test per eseguire attacchi] Una volta che un avversario ha scoperto un sistema con un'interfaccia non di produzione, questa viene sfruttata per compromettere il sistema e/o condurre vari attacchi.
L'avversario può sfruttare l'interfaccia di esempio o di test per condurre diversi tipi di attacchi come attacchi Adversary-in-the-Middle (CAPEC-94), keylogging, Cross Site Scripting (XSS), attacchi di manipolazione hardware e altri.
Attack Techniques
-
The adversary can leverage the sample or test interface to conduct several types of attacks such as Adversary-in-the-Middle attacks (CAPEC-94), keylogging, Cross Site Scripting (XSS), hardware manipulation attacks, and more.
Mitigations
1
Ensure That Production Systems Do Not Contain Non-Production Interfaces And That These Interfaces Are Only Used In Development Environments.
Consequences
Security Scopes Affected
Access Control
Authentication
Authorization
Confidentiality
Integrity
Potential Impacts
Alter Execution Logic
Bypass Protection Mechanism
Execute Unauthorized Commands
Gain Privileges
Modify Data
Read Data
Relationships
Parent CAPECs
Resources Required
1
For some interfaces, the adversary will need that appropriate client application or hardware that interfaces with the interface. Other non-production interfaces can be executed using simple tools, such as web browsers or console windows. In some cases, an adversary may need to be able to authenticate to the target before it can access the vulnerable interface.