An adversary exploits a weakness in the system maintenance process and causes a change to be made to a technology, product, component, or sub-component or a new one installed during its deployed use at the victim location for the purpose of carrying out an attack.
|
|
| ID | CAPEC-440 |
| Latest Sync Date | 11/05/25 15:15:38 |
| Original ID | 440 |
| Abstraction | Meta |
| Status | Stable |
| Alternate Terms | |
| Likelihood Of Attack | Low |
| Typical Severity | High |
| Related Attack Patterns | |
| Execution Flow | |
| Prerequisites | ::Influence over the deployed system at a victim location.:: |
| Skills Required | |
| Resources Required | |
| Indicators | |
| Consequences | ::SCOPE:Integrity:TECHNICAL IMPACT:Execute Unauthorized Commands:: |
| Mitigations | |
| Example Instances | |
| Related Weaknesses | |
| Taxonomy Mappings | TAXONOMY NAME:ATTACK:ENTRY ID:1195.003:ENTRY NAME:Supply Chain Compromise: Compromise Hardware Supply Chain::::TAXONOMY NAME:ATTACK:ENTRY ID:1200:ENTRY NAME:Hardware Additions:: |
| Notes | |