CAPEC-545 Metadata
Likelihood of Attack
Low
Typical Severity
High
Overview
Summary
An adversary who is authorized or has the ability to search known system resources, does so with the intention of gathering useful information. System resources include files, memory, and other aspects of the target system. In this pattern of attack, the adversary does not necessarily know what they are going to find when they start pulling data. This is different than CAPEC-150 where the adversary knows what they are looking for due to the common location.
Prerequisites
No prerequisites listed.
Potential Solutions / Mitigations
No specific solutions listed.
Related Weaknesses (CWE)
| CWE ID | Description |
|---|---|
| CWE-1239 | Improper Zeroization of Hardware Register |
| CWE-1243 | Sensitive Non-Volatile Information Not Protected During Debug |
| CWE-1258 | Exposure of Sensitive System Information Due to Uncleared Debug Information |
| CWE-1258 | Exposure of Sensitive System Information Due to Uncleared Debug Information |
| CWE-1266 | Improper Scrubbing of Sensitive Data from Decommissioned Device |
| CWE-1272 | Sensitive Information Uncleared Before Debug/Power State Transition |
| CWE-1278 | Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques |
| CWE-1323 | Improper Management of Sensitive Trace Data |
| CWE-1330 | Remanent Data Readable after Memory Erase |
Related CAPECs
| CAPEC ID | Description |
|---|---|
| CAPEC-116 | An adversary actively probes the target in a manner that is designed to solicit information that could be leveraged for malicious purposes. |
Taxonomy Mappings
Taxonomy: ATTACK
Stay Ahead of Attack Patterns
Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.