Name |
Signature Spoofing by Key Theft |
|
Likelyhood of attack |
Typical severity |
Medium |
High |
|
Summary |
An attacker obtains an authoritative or reputable signer's private signature key by theft and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker. |
Prerequisites |
An authoritative or reputable signer is storing their private signature key with insufficient protection. |
Solutions | Restrict access to private keys from non-supervisory accounts Restrict access to administrative personnel and processes only Ensure all remote methods are secured Ensure all services are patched and up to date |
Related Weaknesses |
CWE ID
|
Description
|
CWE-522 |
Insufficiently Protected Credentials |
|
Related CAPECS |
CAPEC ID
|
Description
|
CAPEC-473 |
An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions. |
|
Taxonomy: ATTACK |
Entry ID
|
Entry Name
|
1552.004 |
Unsecured Credentials: Private Keys |
|