Standard attack pattern

Draft

CAPEC-700: Network Boundary Bridging

An adversary which has gained elevated access to network boundary devices may use these devices to create a channel to bridge trusted and untrusted networks. Boundary devices do not necessarily have to be on the network’s edge, but rather must serve to segment portions of the target network the adversary wishes to cross into.

High

Typical severity

Per MITRE

Medium

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

Overview

Network boundary devices are network devices such as routers and firewalls which segment networks by restricting certain types of traffic from flowing through the device. Network boundary devices are often directly accessible through a portal page for management purposes. An adversary’s goal when conducting network boundary bridging is to connect networks which are being segmented by the device. To do so, the adversary must first compromise the network boundary device.

CAPEC-700: Network Boundary Bridging

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Resources required

Consequences

How to mitigate it

Examples

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-700?

How does a Network Boundary Bridging attack work?

How do you prevent CAPEC-700?

How severe is CAPEC-700?

References

Defend against CAPEC-700

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Resources required

Consequences

How to mitigate it

Examples

Related attack patterns

Parent

Can follow

Terminology & mappings

Mapped taxonomies

Frequently asked questions

What is CAPEC-700?

How does a Network Boundary Bridging attack work?

How do you prevent CAPEC-700?

How severe is CAPEC-700?

References

Defend against CAPEC-700