Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CAPEC-616:Establish Rogue Location
Attack Pattern ID:616
Version:v3.9
Attack Pattern Name:Establish Rogue Location
Abstraction:Standard
Status:Stable
Likelihood of Attack:Medium
Typical Severity:Medium
DetailsContent HistoryRelated WeaknessesReports
▼Description
An adversary provides a malicious version of a resource at a location that is similar to the expected location of a legitimate resource. After establishing the rogue location, the adversary waits for a victim to visit the location and access the malicious resource.
▼Extended Description
▼Alternate Terms
▼Relationships
NatureTypeIDName
ChildOfM154Resource Location Spoofing
ParentOfD505Scheme Squatting
ParentOfD611BitSquatting
ParentOfD615Evil Twin Wi-Fi Attack
ParentOfD617Cellular Rogue Base Station
ParentOfD630TypoSquatting
ParentOfD631SoundSquatting
ParentOfD632Homograph Attack via Homoglyphs
ParentOfD667Bluetooth Impersonation AttackS (BIAS)
ParentOfD695Repo Jacking
CanPrecedeS691Spoof Open-Source Software Metadata
Nature: ChildOf
Type: Meta
ID: 154
Name: Resource Location Spoofing
Nature: ParentOf
Type: Detailed
ID: 505
Name: Scheme Squatting
Nature: ParentOf
Type: Detailed
ID: 611
Name: BitSquatting
Nature: ParentOf
Type: Detailed
ID: 615
Name: Evil Twin Wi-Fi Attack
Nature: ParentOf
Type: Detailed
ID: 617
Name: Cellular Rogue Base Station
Nature: ParentOf
Type: Detailed
ID: 630
Name: TypoSquatting
Nature: ParentOf
Type: Detailed
ID: 631
Name: SoundSquatting
Nature: ParentOf
Type: Detailed
ID: 632
Name: Homograph Attack via Homoglyphs
Nature: ParentOf
Type: Detailed
ID: 667
Name: Bluetooth Impersonation AttackS (BIAS)
Nature: ParentOf
Type: Detailed
ID: 695
Name: Repo Jacking
Nature: CanPrecede
Type: Standard
ID: 691
Name: Spoof Open-Source Software Metadata
▼Execution Flow
▼Prerequisites
A resource is expected to available to the user.
▼Skills Required
Low

Adversaries can often purchase low-cost technology to implement rogue access points.

▼Resources Required
▼Indicators
▼Consequences
ScopeLikelihoodImpactNote
ConfidentialityIntegrityN/AOtherSuccessful attacks of this nature can result in a wide variety of consequences and negatively impact confidentiality and integrity based on the adversary's subsequent actions.
Scope: Confidentiality, Integrity
Likelihood: N/A
Impact: Other
Note: Successful attacks of this nature can result in a wide variety of consequences and negatively impact confidentiality and integrity based on the adversary's subsequent actions.
▼Mitigations
▼Example Instances
▼Related Weaknesses
IDName
CWE-200Exposure of Sensitive Information to an Unauthorized Actor
ID: CWE-200
Name: Exposure of Sensitive Information to an Unauthorized Actor
▼Taxonomy Mappings
Taxonomy NameEntry IDEntry Name
ATTACK1036.005Masquerading: Match Legitimate Name or Location
Taxonomy Name: ATTACK
Entry ID: 1036.005
Entry Name: Masquerading: Match Legitimate Name or Location
▼Notes
▼References
Details not found