CAPEC 519 Documentation Alteration to Cause Errors in System Design

Name: VulnX Platform
Author: Studio Consi

Draft Detailed Low Risk

Severity High

Description

An attacker with access to a manufacturer's documentation containing requirements allocation and software design processes maliciously alters the documentation in order to cause errors in system design. This allows the attacker to take advantage of a weakness in a deployed system of the manufacturer for malicious purposes.

CAPEC 519 Documentation Alteration to Cause Errors in System Design

Description

Mitigations

Avoid Emailing Important Documents And Configurations.

Digitize Documents And Cryptographically Sign Them To Verify Authenticity.

Ensure Deleted Files Are Actually Deleted.

Maintain Multiple Instances Of The Document Across Different Privileged Users For Recovery And Verification.

Password Protect Documents And Make Them Read-Only For Unauthorized Users.

Consequences

Consequence Information

Relationships

Parent CAPECs

CAPEC 519 Documentation Alteration to Cause Errors in System Design

Description

Mitigations

Avoid Emailing Important Documents And Configurations.

Digitize Documents And Cryptographically Sign Them To Verify Authenticity.

Ensure Deleted Files Are Actually Deleted.

Maintain Multiple Instances Of The Document Across Different Privileged Users For Recovery And Verification.

Password Protect Documents And Make Them Read-Only For Unauthorized Users.

Consequences

Consequence Information

Relationships

Parent CAPECs

Iscriviti alla newsletter