CAPEC Details
Name Replace Trusted Executable
Likelyhood of attack Typical severity
Low High
Summary An adversary exploits weaknesses in privilege management or access control to replace a trusted executable with a malicious version and enable the execution of malware when that trusted executable is called.
Prerequisites
Solutions
Related Weaknesses
CWE ID Description
CWE-284 Improper Access Control
Related CAPECS
CAPEC ID Description
CAPEC-542 An adversary develops targeted malware that takes advantage of a known vulnerability in an organizational information technology environment. The malware crafted for these attacks is based specifically on information gathered about the technology environment. Successfully executing the malware enables an adversary to achieve a wide variety of negative technical impacts.
Taxonomy: ATTACK
Entry ID Entry Name
1505.005 Server Software Component: Terminal Services DLL
1546.008 Event Triggered Execution: Accessibility Features