CAPEC-532: Altered Installed BIOS

An attacker with access to download and update system software sends a maliciously altered BIOS to the victim or victim supplier/integrator, which when installed allows for future exploitation.

High

Typical severity

Per MITRE

Low

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

Overview

CAPEC-532 (Altered Installed BIOS) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-532: Altered Installed BIOS

Overview

What the attacker needs

Prerequisites

Skills required

How to mitigate it

Examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-532?

How do you prevent CAPEC-532?

How severe is CAPEC-532?

References

Defend against CAPEC-532

Overview

What the attacker needs

Prerequisites

Skills required

How to mitigate it

Examples

Related attack patterns

Parent

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-532?

How do you prevent CAPEC-532?

How severe is CAPEC-532?

References

Defend against CAPEC-532