CAPEC-578
Disable Security Software
MEDIUM
MEDIUM
Usable
2015-11-09 00:00 +00:00
2023-01-24 00:00 +00:00
Alerte pour un CAPEC
Stay informed of any changes for a specific CAPEC.
Description
An adversary exploits a weakness in access control to disable security tools so that detection does not occur. This can take the form of killing processes, deleting registry keys so that tools do not start at run time, deleting log files, or other methods.
Informations
Prerequisites
The adversary must have the capability to interact with the configuration of the targeted system.Resources Required
None: No specialized resources are required to execute this type of attack.Mitigations
Ensure proper permissions are in place to prevent adversaries from altering the execution status of security tools.Related Weaknesses
| Weakness Name | |
|---|---|
| Improper Access Control The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Submission
| Name | Organization | Date | Date Release |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Attack_Motivation-Consequences, Attack_Prerequisites, Description Summary, References, Related_Weaknesses, Resources_Required, Solutions_and_Mitigations, Typical_Likelihood_of_Exploit, Typical_Severity | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns | |
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns, Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings | |
| CAPEC Content Team | The MITRE Corporation | Updated Taxonomy_Mappings |
2024©
tesweb SA
