Scope | Impact | Likelihood |
---|---|---|
Confidentiality Integrity Availability | Execute Unauthorized Code or Commands |
References | Description |
---|---|
CVE-2022-30877 | A command history tool was shipped with a code-execution backdoor inserted by a malicious party. |
According to SOAR, the following detection techniques may be useful:
According to SOAR, the following detection techniques may be useful:
According to SOAR, the following detection techniques may be useful:
According to SOAR, the following detection techniques may be useful:
CAPEC-ID | Attack Pattern Name |
---|---|
CAPEC-442 | Infected Software An adversary adds malicious logic, often in the form of a computer virus, to otherwise benign software. This logic is often hidden from the user of the software and works behind the scenes to achieve negative impacts. Many times, the malicious logic is inserted into empty space between legitimate code, and is then called when the software is executed. This pattern of attack focuses on software already fielded and used in operation as opposed to software that is still under development and part of the supply chain. |
CAPEC-448 | Embed Virus into DLL An adversary tampers with a DLL and embeds a computer virus into gaps between legitimate machine instructions. These gaps may be the result of compiler optimizations that pad memory blocks for performance gains. The embedded virus then attempts to infect any machine which interfaces with the product, and possibly steal private data or eavesdrop. |
CAPEC-636 | Hiding Malicious Data or Code within Files Files on various operating systems can have a complex format which allows for the storage of other data, in addition to its contents. Often this is metadata about the file, such as a cached thumbnail for an image file. Unless utilities are invoked in a particular way, this data is not visible during the normal use of the file. It is possible for an attacker to store malicious data or code using these facilities, which would be difficult to discover. |
Name | Organization | Date | Date release | Version |
---|---|---|---|---|
Landwehr | Draft 3 |
Name | Organization | Date | Comment |
---|---|---|---|
Sean Eidemiller | Cigital | added/updated demonstrative examples | |
Eric Dalci | Cigital | updated Time_of_Introduction | |
CWE Content Team | MITRE | updated Description, Relationships, Other_Notes, Taxonomy_Mappings | |
CWE Content Team | MITRE | updated Description, Other_Notes | |
CWE Content Team | MITRE | updated Other_Notes, Terminology_Notes | |
CWE Content Team | MITRE | updated Common_Consequences | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Potential_Mitigations | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Detection_Factors | |
CWE Content Team | MITRE | updated Demonstrative_Examples, Relationships | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Time_of_Introduction | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Description, Related_Attack_Patterns | |
CWE Content Team | MITRE | updated Relationships | |
CWE Content Team | MITRE | updated Mapping_Notes | |
CWE Content Team | MITRE | updated Observed_Examples | |
CWE Content Team | MITRE | updated References |