CAPEC-395: Bypassing Electronic Locks and Access Controls

An attacker exploits security assumptions to bypass electronic locks or other forms of access controls. Most attacks against electronic access controls follow similar methods but utilize different tools. Some electronic locks utilize magnetic strip cards, others employ RFID tags embedded within a card or badge, or may involve more sophisticated protections such as voice-print, thumb-print, or retinal biometrics. Magnetic Strip and RFID technologies are the most widespread because they are cost effective to deploy and more easily integrated with other electronic security measures. These technologies share common weaknesses that an attacker can exploit to gain access to a facility protected by the mechanisms via copying legitimate cards or badges, or generating new cards using reverse-engineered algorithms.

Not rated

Typical severity

Per MITRE

Not rated

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

CAPEC-395: Bypassing Electronic Locks and Access Controls

Overview

Frequently asked questions

What is CAPEC-395?

References

Defend against CAPEC-395

Overview

Related attack patterns

Parent

Child

Frequently asked questions

What is CAPEC-395?

References

Defend against CAPEC-395