CAPEC-679: Exploitation of Improperly Configured or Implemented Memory Protections
An adversary takes advantage of missing or incorrectly configured access control within memory to read/write data or inject malicious code into said memory.
Overview
Hardware product designs often need to implement memory protection features to prevent users from reading and modifying memory reserved for security operations such as secure booting, authenticating code, device attestation, and more. However, these protection features may be missing if not configured by developers. For example, this can occur if the developers assume these features are configured elsewhere. Additionally, developers often attempt to impose proper protection features, but may incorrectly configure these controls. One such example would be setting controls with insufficient granularity for protected address regions. If an adversary is able to discover improper access controls surrounding memory, it could result in the adversary obtaining sensitive data, executing code, circumventing security mechanisms, escalating privileges, or even denying service to higher privilege software.
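As an added illustration (not part of the CAPEC entry), the following C audit routine shows how insufficient granularity or an unconfigured region leaves part of a protected asset reachable. The `prot_rule` layout, the round-down behaviour of the protection unit, the 4 KiB granule and all addresses are assumptions constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical protection-unit rule; names and layout are assumptions. */
typedef struct {
    uint64_t base;      /* value programmed as region start */
    uint64_t limit;     /* exclusive region end as programmed */
    int      priv_only; /* 1 = unprivileged access denied */
} prot_rule;

/* Assumed hardware behaviour: address bits below the granule size are
 * ignored, so both ends round down. granule must be a power of two. */
static uint64_t round_down(uint64_t a, uint64_t granule) { return a & ~(granule - 1); }

/* Count bytes of the asset [start, end) that no effective priv_only rule covers. */
uint64_t exposed_bytes(const prot_rule *r, size_t n, uint64_t granule,
                       uint64_t start, uint64_t end)
{
    uint64_t exposed = 0, cur = start;
    while (cur < end) {
        uint64_t covered_to = cur, next_start = end;
        for (size_t i = 0; i < n; i++) {
            if (!r[i].priv_only) continue;
            uint64_t b = round_down(r[i].base, granule);
            uint64_t e = round_down(r[i].limit, granule);
            if (b <= cur && cur < e) { if (e > covered_to) covered_to = e; }
            else if (b > cur && b < next_start && e > b) next_start = b;
        }
        if (covered_to == cur) exposed += next_start - cur; /* unprotected gap */
        cur = (covered_to > cur) ? covered_to : next_start;
    }
    return exposed;
}

/* Constructed sample: a 0x1100-byte key store behind a 4 KiB-granule unit. */
#define KEYS_START 0x20000000ULL
#define KEYS_END   0x20001100ULL
const prot_rule weak_cfg[]  = { { KEYS_START, KEYS_END,      1 } };
const prot_rule fixed_cfg[] = { { KEYS_START, 0x20002000ULL, 1 } };

int main(void)
{
    printf("weak:  %llu bytes exposed\n", (unsigned long long)
           exposed_bytes(weak_cfg, 1, 0x1000, KEYS_START, KEYS_END));
    printf("fixed: %llu bytes exposed\n", (unsigned long long)
           exposed_bytes(fixed_cfg, 1, 0x1000, KEYS_START, KEYS_END));
    printf("unset: %llu bytes exposed\n", (unsigned long long)
           exposed_bytes(NULL, 0, 0x1000, KEYS_START, KEYS_END));
    return 0;
}
```

A non-zero result for any security asset in a design review or boot-time self-check indicates that the programmed rules do not match what the hardware enforces.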
What the attacker needs
Prerequisites
- Access to the hardware being leveraged.
Skills required
- Medium skill: Ability to craft malicious code to inject into the memory region.
- High skill: Intricate knowledge of memory structures.
Consequences
What a successful CAPEC-679 attack can achieve.
Modify Data
Affects: Integrity
Read Data
Affects: Confidentiality
Execute Unauthorized Commands
Affects: Confidentiality, Integrity, Availability
Run Arbitrary Code