CAPEC-444: Development Alteration
Attack Pattern ID: 444
Version: v3.9
Attack Pattern Name: Development Alteration
Abstraction: Standard
Status: Stable
Likelihood of Attack: Medium
Typical Severity: High
▼Description
An adversary modifies a technology, product, or component during its development to achieve a negative impact once the system is deployed. The goal of the adversary is to modify the system in such a way that the negative impact can be leveraged when the system is later deployed. Development alteration attacks may include attacks that insert malicious logic into the system's software, modify or replace hardware components, and other attacks which negatively impact the system during development. These attacks generally require insider access to modify source code or to tamper with hardware components. The product is then delivered to the user where the negative impact can be leveraged at a later time.
▼Extended Description
▼Alternate Terms
▼Relationships
Nature | Type | ID | Name
ChildOf | Meta | 438 | Modification During Manufacture
ParentOf | Detailed | 206 | Signing Malicious Code
ParentOf | Detailed | 443 | Malicious Logic Inserted Into Product by Authorized Developer
ParentOf | Detailed | 445 | Malicious Logic Insertion into Product Software via Configuration Management Manipulation
ParentOf | Detailed | 446 | Malicious Logic Insertion into Product via Inclusion of Third-Party Component
ParentOf | Detailed | 511 | Infiltration of Software Development Environment
ParentOf | Detailed | 516 | Hardware Component Substitution During Baselining
ParentOf | Detailed | 520 | Counterfeit Hardware Component Inserted During Product Assembly
ParentOf | Detailed | 532 | Altered Installed BIOS
ParentOf | Detailed | 537 | Infiltration of Hardware Development Environment
ParentOf | Detailed | 538 | Open-Source Library Manipulation
ParentOf | Detailed | 539 | ASIC With Malicious Functionality
ParentOf | Detailed | 670 | Software Development Tools Maliciously Altered
ParentOf | Detailed | 672 | Malicious Code Implanted During Chip Programming
ParentOf | Detailed | 673 | Developer Signing Maliciously Altered Software
ParentOf | Detailed | 678 | System Build Data Maliciously Altered
CanFollow | Standard | 691 | Spoof Open-Source Software Metadata
▼Execution Flow
▼Prerequisites
Access to the system during the development phase to alter and/or modify software and hardware components. This access is often obtained via insider access or by leveraging another attack pattern to gain permissions that the adversary wouldn't normally have.
▼Skills Required
▼Resources Required
▼Indicators
▼Consequences
Scope | Likelihood | Impact | Note
Authorization | N/A | Execute Unauthorized Commands | N/A
Availability | N/A | Unreliable Execution | N/A
Integrity | N/A | Alter Execution Logic | N/A
▼Mitigations
Assess software and software components during development and prior to deployment to ensure that they function as intended and without any malicious functionality.
▼Example Instances
▼Related Weaknesses
▼Taxonomy Mappings
▼Notes
▼References