CAPEC Details
Name Pull Data from System Resources
Likelyhood of attack Typical severity
Low High
Summary An adversary who is authorized or has the ability to search known system resources, does so with the intention of gathering useful information. System resources include files, memory, and other aspects of the target system. In this pattern of attack, the adversary does not necessarily know what they are going to find when they start pulling data. This is different than CAPEC-150 where the adversary knows what they are looking for due to the common location.
Prerequisites
Solutions
Related Weaknesses
CWE ID Description
CWE-1239 Improper Zeroization of Hardware Register
CWE-1243 Sensitive Non-Volatile Information Not Protected During Debug
CWE-1258 Exposure of Sensitive System Information Due to Uncleared Debug Information
CWE-1258 Exposure of Sensitive System Information Due to Uncleared Debug Information
CWE-1266 Improper Scrubbing of Sensitive Data from Decommissioned Device
CWE-1272 Sensitive Information Uncleared Before Debug/Power State Transition
CWE-1278 Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
CWE-1323 Improper Management of Sensitive Trace Data
CWE-1330 Remanent Data Readable after Memory Erase
Related CAPECS
CAPEC ID Description
CAPEC-116 An adversary actively probes the target in a manner that is designed to solicit information that could be leveraged for malicious purposes.
Taxonomy: ATTACK
Entry ID Entry Name
1005 Data from Local System
1555.001 Credentials from Password Stores:Keychain