CAPEC-474 Metadata
Likelihood of Attack
Medium
Typical Severity
High
Overview
Summary
An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Prerequisites
An authoritative or reputable signer is storing their private signature key with insufficient protection.
Potential Solutions / Mitigations
Restrict access to private keys from non-supervisory accounts
Restrict access to administrative personnel and processes only
Ensure all remote methods are secured
Ensure all services are patched and up to date
Related Weaknesses (CWE)
CWE ID | Description |
---|---|
CWE-522 | Insufficiently Protected Credentials |
Related CAPECs
CAPEC ID | Description |
---|---|
CAPEC-473 | An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions. |
Taxonomy Mappings
Taxonomy: ATTACK
Entry ID | Entry Name |
---|---|
1552.004 | Unsecured Credentials: Private Keys |