CAPEC-682: Exploitation of Firmware or ROM Code with Unpatchable Vulnerabilities

ID: CAPEC-682
Typical Severity: High
Likelihood Of Attack: Medium
Status: Draft

An adversary may exploit vulnerable code (i.e., firmware or ROM) that is unpatchable. Unpatchable devices exist because manufacturers intentionally or inadvertently design devices that are incapable of updating their software. Additionally, for updatable devices, the manufacturer may decide to stop supporting the device and stop releasing updates for its software.

When a vulnerability is found in a device that has no means of patching, the attack may be used against an entire class of devices. Devices from the same manufacturer often use similar or identical firmware, which could lead to widespread attacks. Devices of this nature are prime targets for botnet attacks. Consumer devices are frequently targeted for this attack because updating firmware becomes complex once manufacturers no longer have physical access to a device. When exploiting a discovered vulnerability, adversaries often try to gain root access on a device, which allows them to use the device for any malicious purpose. Examples include stealing device data, using the device for a ransomware attack, or recruiting the device for a botnet.

https://capec.mitre.org/data/definitions/682.html

Weaknesses

ID | Name | Type
CWE-1277 | Firmware Not Updateable | weakness
CWE-1310 | Missing Ability to Patch ROM Code | weakness