CAPEC-549 Metadata
Likelihood of Attack
Medium
Typical Severity
High
Overview
Summary
An adversary installs and executes malicious code on the target system in an effort to achieve a negative technical impact. Examples include rootkits, ransomware, spyware, adware, and others.
Prerequisites
Knowledge of the target system's vulnerabilities that can be capitalized on with malicious code.The adversary must be able to place the malicious code on the target system.
Potential Solutions / Mitigations
Employ robust cybersecurity training for all employees. Implement system antivirus software that scans all attachments before opening them. Regularly patch all software. Execute all suspicious files in a sandbox environment.
Related Weaknesses (CWE)
| CWE ID | Description |
|---|---|
| CWE-829 | Inclusion of Functionality from Untrusted Control Sphere |
Stay Ahead of Attack Patterns
Understanding CAPEC patterns helps security professionals anticipate and thwart potential attacks. Leverage these insights to enhance threat modeling, strengthen your software development lifecycle, and train your security teams effectively.