| Name | Malicious Automated Software Update via Redirection |
|---|---|
| Likelihood of attack | High |
| Typical severity | High |
| Summary | An attacker exploits two layers of weaknesses in the server or client software of an automated update mechanism to undermine the integrity of the target code base. The first weakness is a failure to properly authenticate a server as the source of update or patch content; it typically stems from authentication mechanisms that can be defeated, allowing a hostile server to satisfy the criteria that establish a trust relationship. The second weakness is a systemic failure to validate the identity and integrity of code downloaded from a remote location, so the client cannot distinguish malicious code from a legitimate update. |
| Prerequisites | |
| Solutions | |

Related Weaknesses

| CWE ID | Description |
|---|---|
| CWE-494 | Download of Code Without Integrity Check |

Related CAPECs

| CAPEC ID | Description |
|---|---|
| CAPEC-186 | An adversary uses deceptive methods to cause a user or an automated process to download and install dangerous code believed to be a valid update that originates from an adversary controlled source. |

Taxonomy: ATTACK

| Entry ID | Entry Name |
|---|---|
| 1072 | Software Deployment Tools |