| Name |
Peripheral Footprinting |
|
| Likelyhood of attack |
Typical severity |
| Low |
Medium |
|
| Summary |
Adversaries may attempt to obtain information about attached peripheral devices and components connected to a computer system. Examples may include discovering the presence of iOS devices by searching for backups, analyzing the Windows registry to determine what USB devices have been connected, or infecting a victim system with malware to report when a USB device has been connected. This may allow the adversary to gain additional insight about the system or network environment, which may be useful in constructing further attacks. |
| Prerequisites |
The adversary needs either physical or remote access to the victim system. |
| Solutions | Identify programs that may be used to acquire peripheral information and block them by using a software restriction policy or tools that restrict program execution by using a process allowlist. |
| Related Weaknesses |
|
CWE ID
|
Description
|
| CWE-200 |
Exposure of Sensitive Information to an Unauthorized Actor |
|
| Related CAPECS |
|
CAPEC ID
|
Description
|
| CAPEC-169 |
An adversary engages in probing and exploration activities to identify constituents and properties of the target. |
|
| Taxonomy: ATTACK |
|
Entry ID
|
Entry Name
|
| 1120 |
Peripheral Device Discovery |
|