CAPEC-558: Replace Trusted Executable
ID
CAPEC-558
Typical Severity
High
Likelihood Of Attack
Low
Status
Stable
An adversary exploits weaknesses in privilege management or access control to replace a trusted executable with a malicious version and enable the execution of malware when that trusted executable is called.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-284 | Improper Access Control | weakness |
Taxonomiy Mapping
Type | # ID | Name |
---|---|---|
ATTACK | 1505.005 | Server Software Component: Terminal Services DLL |
ATTACK | 1546.008 | Event Triggered Execution: Accessibility Features |