CAPEC-457: USB Memory Attacks

An adversary loads malicious code onto a USB memory stick in order to infect any system which the device is plugged in to. USB drives present a significant security risk for business and government agencies. Given the ability to integrate wireless functionality into a USB stick, it is possible to design malware that not only steals confidential data, but sniffs the network, or monitor keystrokes, and then exfiltrates the stolen data off-site via a Wireless connection. Also, viruses can be transmitted via the USB interface without the specific use of a memory stick. The attacks from USB devices are often of such sophistication that experts conclude they are not the work of single individuals, but suggest state sponsorship. These attacks can be performed by an adversary with direct access to a target system or can be executed via means such as USB Drop Attacks.

Last updated June 1, 2026

High

Typical severity

Per MITRE

Low

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

CAPEC-457: USB Memory Attacks

CAPEC-457: USB Memory Attacks

Overview

How the attack works

What the attacker needs

Prerequisites

How to mitigate it

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-457?

How does a USB Memory Attacks attack work?

How do you prevent CAPEC-457?

What weaknesses does CAPEC-457 target?

How severe is CAPEC-457?

References

Defend against CAPEC-457

Overview

How the attack works

What the attacker needs

Prerequisites

How to mitigate it

Related weaknesses

Related attack patterns

Parent

Can precede

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-457?

How does a USB Memory Attacks attack work?

How do you prevent CAPEC-457?

What weaknesses does CAPEC-457 target?

How severe is CAPEC-457?

References

Defend against CAPEC-457