CAPEC-626: Smudge Attack

Overview

CAPEC-626 (Smudge Attack) is a detailed-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

What the attacker needs

Prerequisites

The attacker must have physical access to the device.

Skills required

Medium skill: The attacker must know how to make use of these smudges.

Consequences

What a successful CAPEC-626 attack can achieve.

Bypass Protection Mechanism

Affects: Access Control

How to mitigate it

Defenses that reduce the risk of CAPEC-626.

Strong physical security of the device.

How this attack relates to others in the CAPEC hierarchy.

Parent

CAPEC-395: Bypassing Electronic Locks and Access Controls

Frequently asked questions

CAPEC-626: Smudge Attack

Overview

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Frequently asked questions

What is CAPEC-626?

How do you prevent CAPEC-626?

References

Defend against CAPEC-626

Frequently asked questions

Overview

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-626?

How do you prevent CAPEC-626?

References

Defend against CAPEC-626