CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
An attacker exploits the underlying complexity of a data structure that allows for both signed and unsigned content, to cause unsigned data to be processed as though it were signed data.
Overview
CAPEC-477 (Signature Spoofing by Mixing Signed and Unsigned Content) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
What the attacker needs
Prerequisites
- Signer and recipient are using complex data storage structures that allow for a mix between signed and unsigned data.
- Recipient is using signature verification software that does not maintain separation between signed and unsigned data once the signature has been verified.
Skills required
- High skill: The attacker may need to continuously monitor a stream of signed data, waiting for an exploitable message to appear.
- High skill: Attacker must be able to create malformed data blobs and know how to insert them in a location that the recipient will visit.
How to mitigate it
Defenses that reduce the risk of CAPEC-477.
- Ensure the application is fully patched and does not allow the processing of unsigned data as if it is signed data.
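The prerequisites and the mitigation above describe the same defect from two sides: a verifier that checks the signature correctly but then lets unsigned fields flow into the trusted view. The following is an added example written for this page, not code from MITRE or from any CAPEC reference implementation. It assumes a constructed envelope format (a `signed` object, its HMAC `sig`, and a separate `unsigned` object) and a constructed shared key; the function and field names are illustrative. `verify_naive` shows the weakness, `verify_strict` the corrected handling that keeps signed and unsigned data apart after verification and rejects an unsigned section that shadows a signed field.

```python
import hashlib
import hmac
import json

# Constructed demo key. A real deployment would load this from a key store.
KEY = b"demo-shared-secret"


def canonical(obj):
    """Deterministic JSON encoding so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(payload):
    """HMAC-SHA256 over the canonical encoding of the signed part only."""
    return hmac.new(KEY, canonical(payload), hashlib.sha256).hexdigest()


def make_envelope(signed_payload, unsigned_extras=None):
    """Build a message with a signed section and an optional unsigned section."""
    return {
        "signed": signed_payload,
        "sig": sign(signed_payload),
        "unsigned": unsigned_extras or {},
    }


def _check_signature(envelope):
    expected = sign(envelope["signed"])
    if not hmac.compare_digest(envelope["sig"], expected):
        raise ValueError("signature verification failed")


def verify_naive(envelope):
    """Flawed verifier (the weakness CAPEC-477 targets).

    The signature is checked correctly, but the unsigned section is then
    merged into the same dictionary as the signed data. Any consumer of
    the result cannot tell which fields were actually covered by the
    signature, and an unsigned field can override a signed one.
    """
    _check_signature(envelope)
    trusted = dict(envelope["signed"])
    trusted.update(envelope.get("unsigned", {}))  # unsigned data now looks signed
    return trusted


def verify_strict(envelope):
    """Hardened verifier.

    Signed and unsigned data are returned in separate containers so the
    distinction survives verification, and an unsigned section that
    carries any key also present in the signed section is rejected.
    """
    _check_signature(envelope)
    signed = dict(envelope["signed"])
    unsigned = dict(envelope.get("unsigned", {}))
    overlap = set(signed) & set(unsigned)
    if overlap:
        raise ValueError(
            "unsigned section shadows signed fields: %s" % sorted(overlap)
        )
    return {"trusted": signed, "untrusted": unsigned}


def demo():
    """Run both verifiers over a constructed envelope; returns the observations."""
    # Constructed message: the signed part authorises a read, the unsigned
    # part tries to change the action.
    env = make_envelope({"action": "read", "target": "report.txt"},
                        {"action": "delete"})
    naive_action = verify_naive(env)["action"]
    try:
        verify_strict(env)
        strict_rejected = False
    except ValueError:
        strict_rejected = True
    return {"naive_action": naive_action, "strict_rejected": strict_rejected}


if __name__ == "__main__":
    print(demo())
```

The strict verifier still accepts unsigned content that does not collide with signed fields, but hands it back under a separate `untrusted` key, so downstream code has to opt in explicitly before acting on it.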