CAPEC-121 Detail

CAPEC-121

Name

Exploit Non-Production Interfaces

Likihood attacks

Low

Typical Severity

High

Status

Stable

Published

2014-06-23
00h00 +00:00

Modified

2023-01-24
00h00 +00:00

Official links

CAPEC Mitre.org

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Notifications manage

List of Notifications

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specify the CAPEC ID you wish to monitor.

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

Descriptions CAPEC

An adversary exploits a sample, demonstration, test, or debug interface that is unintentionally enabled on a production system, with the goal of gleaning information or leveraging functionality that would otherwise be unavailable.

Informations CAPEC

Execution Flow

1) Explore

[Determine Vulnerable Interface] An adversary explores a target system for sample or test interfaces that have not been disabled by a system administrator and which may be exploitable by the adversary.

Technique

If needed, the adversary explores an organization's network to determine if any specific systems of interest exist.

2) Exploit

[Leverage Test Interface to Execute Attacks] Once an adversary has discovered a system with a non-production interface, the interface is leveraged to exploit the system and/or conduct various attacks.

Technique

The adversary can leverage the sample or test interface to conduct several types of attacks such as Adversary-in-the-Middle attacks (CAPEC-94), keylogging, Cross Site Scripting (XSS), hardware manipulation attacks, and more.

Prerequisites

The target must have configured non-production interfaces and failed to secure or remove them when brought into a production environment.

Skills Required

Exploiting non-production interfaces requires significant skill and knowledge about the potential non-production interfaces left enabled in production.

Resources Required

For some interfaces, the adversary will need that appropriate client application or hardware that interfaces with the interface. Other non-production interfaces can be executed using simple tools, such as web browsers or console windows. In some cases, an adversary may need to be able to authenticate to the target before it can access the vulnerable interface.

Mitigations

Ensure that production systems do not contain non-production interfaces and that these interfaces are only used in development environments.

Related Weaknesses

CWE-ID	Weakness Name
CWE-489	Active Debug Code The product is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.
CWE-1209	Failure to Disable Reserved Bits The reserved bits in a hardware design are not disabled prior to production. Typically, reserved bits are used for future capabilities and should not support any functional logic in the design. However, designers might covertly use these bits to debug or further develop new capabilities in production hardware. Adversaries with access to these bits will write to them in hopes of compromising hardware state.
CWE-1259	Improper Restriction of Security Token Assignment The System-On-A-Chip (SoC) implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens are improperly protected.
CWE-1267	Policy Uses Obsolete Encoding The product uses an obsolete encoding mechanism to implement access controls.
CWE-1270	Generation of Incorrect Security Tokens The product implements a Security Token mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Tokens generated in the system are incorrect.
CWE-1294	Insecure Security Identifier Mechanism The System-on-Chip (SoC) implements a Security Identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. However, the Security Identifiers are not correctly implemented.
CWE-1295	Debug Messages Revealing Unnecessary Information The product fails to adequately prevent the revealing of unnecessary and potentially sensitive system information within debugging messages.
CWE-1296	Incorrect Chaining or Granularity of Debug Components The product's debug components contain incorrect chaining or granularity of debug components.
CWE-1302	Missing Source Identifier in Entity Transactions on a System-On-Chip (SOC) The product implements a security identifier mechanism to differentiate what actions are allowed or disallowed when a transaction originates from an entity. A transaction is sent without a security identifier.
CWE-1313	Hardware Allows Activation of Test or Debug Logic at Runtime During runtime, the hardware allows for test or debug logic (feature) to be activated, which allows for changing the state of the hardware. This feature can alter the intended behavior of the system and allow for alteration and leakage of sensitive data by an adversary.

References

REF-588

The Hardware Trojan War: Attacks, Myths, and Defenses
Swarup Bhunia, Mark M. Tehranipoor.

REF-589

Exploiting the debug interface to support on-line test of control flow errors
Boyang Du, Matteo Sonza Reorda, Luca Sterpone, Luis Parra, Marta Portela-Garcia, Almudena Lindoso, Luis Entrena.
https://ieeexplore.ieee.org/document/6604058/authors#authors

Submission

Name	Organization	Date	Date release
CAPEC Content Team	The MITRE Corporation	2014-06-23 +00:00

Modifications

Name	Organization	Date	Comment
CAPEC Content Team	The MITRE Corporation	2018-07-31 +00:00	Updated Activation_Zone, Attack_Phases, Description, Description Summary, Injection_Vector, Payload, Payload_Activation_Impact, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit
CAPEC Content Team	The MITRE Corporation	2019-04-04 +00:00	Updated Related_Weaknesses
CAPEC Content Team	The MITRE Corporation	2020-07-30 +00:00	Updated @Name, @Status, Consequences, Description, Execution_Flow, Mitigations, Prerequisites, References, Related_Weaknesses, Resources_Required, Skills_Required
CAPEC Content Team	The MITRE Corporation	2020-12-17 +00:00	Updated Description, Example_Instances, Related_Weaknesses
CAPEC Content Team	The MITRE Corporation	2021-06-24 +00:00	Updated Execution_Flow, Related_Weaknesses
CAPEC Content Team	The MITRE Corporation	2021-10-21 +00:00	Updated Related_Weaknesses
CAPEC Content Team	The MITRE Corporation	2022-02-22 +00:00	Updated Description, Extended_Description, Resources_Required
CAPEC Content Team	The MITRE Corporation	2023-01-24 +00:00	Updated Mitigations