CAPEC-187 Metadata
Likelihood of Attack
High
Typical Severity
High
Overview
Summary
An attacker exploits two layers of weaknesses in server or client software for automated update mechanisms to undermine the integrity of the target code-base. The first weakness involves a failure to properly authenticate a server as a source of update or patch content. This type of weakness typically results from authentication mechanisms which can be defeated, allowing a hostile server to satisfy the criteria that establish a trust relationship. The second weakness is a systemic failure to validate the identity and integrity of code downloaded from a remote location, hence the inability to distinguish malicious code from a legitimate update.
Prerequisites
No prerequisites listed.
Potential Solutions / Mitigations
No specific solutions listed.
Related Weaknesses (CWE)
| CWE ID | Description |
|---|---|
| CWE-494 | Download of Code Without Integrity Check |
Related CAPECs
| CAPEC ID | Description |
|---|---|
| CAPEC-186 | An adversary uses deceptive methods to cause a user or an automated process to download and install dangerous code believed to be a valid update that originates from an adversary controlled source. |
Taxonomy Mappings
Taxonomy: ATTACK
| Entry ID | Entry Name |
|---|---|
| 1072 | Software Deployment Tools |
Stay Ahead of Attack Patterns
Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.