Name |
Replace Trusted Executable |
|
Likelyhood of attack |
Typical severity |
Low |
High |
|
Summary |
An adversary exploits weaknesses in privilege management or access control to replace a trusted executable with a malicious version and enable the execution of malware when that trusted executable is called. |
Prerequisites |
|
Solutions | |
Related Weaknesses |
CWE ID
|
Description
|
CWE-284 |
Improper Access Control |
|
Related CAPECS |
CAPEC ID
|
Description
|
CAPEC-542 |
An adversary develops targeted malware that takes advantage of a known vulnerability in an organizational information technology environment. The malware crafted for these attacks is based specifically on information gathered about the technology environment. Successfully executing the malware enables an adversary to achieve a wide variety of negative technical impacts. |
|
Taxonomy: ATTACK |
Entry ID
|
Entry Name
|
1505.005 |
Server Software Component: Terminal Services DLL |
1546.008 |
Event Triggered Execution: Accessibility Features |
|