CAPEC Details
Name Flash Memory Attacks
Likelyhood of attack Typical severity
Low High
Summary An adversary inserts malicious logic into a product or technology via flashing the on-board memory with a code-base that contains malicious logic. Various attacks exist against the integrity of flash memory, the most direct being rootkits coded into the BIOS or chipset of a device.
Prerequisites
Solutions
Related Weaknesses
CWE ID Description
CWE-1282 Assumed-Immutable Data is Stored in Writable Memory
Related CAPECS
CAPEC ID Description
CAPEC-456 An adversary inserts malicious logic into memory enabling them to achieve a negative impact. This logic is often hidden from the user of the system and works behind the scenes to achieve negative impacts. This pattern of attack focuses on systems already fielded and used in operation as opposed to systems that are still under development and part of the supply chain.