CAPEC-552: Install Rootkit
ID
CAPEC-552
Typical Severity
High
Likelihood Of Attack
Medium
Status
Draft
An adversary exploits a weakness in authentication to install malware that alters the functionality and information provide by targeted operating system API calls. Often referred to as rootkits, it is often used to hide the presence of programs, files, network connections, services, drivers, and other system components.
Weaknesses
| # ID | Name | Type |
|---|---|---|
| CWE-284 | Improper Access Control | weakness |
Taxonomiy Mapping
| Type | # ID | Name |
|---|---|---|
| ATTACK | 1014 | Rootkit |
| ATTACK | 1542.003 | Pre-OS Boot:Bootkit |
| ATTACK | 1547.006 | Boot or Logon Autostart Execution:Kernel Modules and Extensions |