| Name |
Inter-component Protocol Manipulation |
|
| Likelyhood of attack |
Typical severity |
| High |
Very High |
|
| Summary |
Inter-component protocols are used to communicate between different software and hardware modules within a single computer. Common examples are: interrupt signals and data pipes. Subverting the protocol can allow an adversary to impersonate others, discover sensitive information, control the outcome of a session, or perform other attacks. This type of attack targets invalid assumptions that may be inherent in implementers of the protocol, incorrect implementations of the protocol, or vulnerabilities in the protocol itself. |
| Prerequisites |
|
| Solutions | |
| Related Weaknesses |
|
CWE ID
|
Description
|
| CWE-707 |
Improper Neutralization |
|
| Related CAPECS |
|
CAPEC ID
|
Description
|
| CAPEC-272 |
An adversary subverts a communications protocol to perform an attack. This type of attack can allow an adversary to impersonate others, discover sensitive information, control the outcome of a session, or perform other attacks. This type of attack targets invalid assumptions that may be inherent in implementers of the protocol, incorrect implementations of the protocol, or vulnerabilities in the protocol itself. |
|