CAPEC Details
Name Signature Spoof
Likelyhood of attack Typical severity
Medium Low
Summary An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions.
Prerequisites The victim or victim system is dependent upon a cryptographic signature-based verification system for validation of one or more security events or actions. The validation can be bypassed via an attacker-provided signature that makes it appear that the legitimate authoritative or reputable source provided the signature.
Solutions
Related Weaknesses
CWE ID Description
CWE-20 Improper Input Validation
CWE-290 Authentication Bypass by Spoofing
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
Related CAPECS
CAPEC ID Description
CAPEC-151 Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to accomplish a goal. An adversary may craft messages that appear to come from a different principle or use stolen / spoofed authentication credentials.
Taxonomy: ATTACK
Entry ID Entry Name
1036.001 Masquerading: Invalid Code Signature
1553.002 Subvert Trust Controls: Code Signing