CAPEC-516 - Hardware Component Substitution During Baselining

An attacker with access to system components during allocated baseline development can substitute a maliciously altered hardware component for a baseline component in the during the product development and research phase. This can lead to adjustments and calibrations being made in the product, so that when the final product with the proper components is deployed, it will not perform as designed and be advantageous to the attacker.

Severity

Likelihood

Confidentiality

Integrity

Availability

Medium level: Intelligence data on victim's purchasing habits.

High level: Resources to maliciously construct/alter hardware components used for testing by the supplier.

High level: Resources to physically infiltrate supplier.

The attacker will need either physical access or be able to supply malicious hardware components to the product development facility.