CAPEC-518 - Documentation Alteration to Produce Under-performing Systems

An attacker with access to a manufacturer's documentation alters the descriptions of system capabilities with the intent of causing errors in derived system requirements, impacting the overall effectiveness and capability of the system, allowing an attacker to take advantage of the introduced system capability flaw once the system is deployed.

Severity

Likelihood

Confidentiality

Integrity

Availability

High level: Ability to read, interpret, and subsequently alter manufacturer's documentation to misrepresent system capabilities.

High level: Ability to stealthly gain access via remote compromise or physical access to the manufacturer's documentation.

Advanced knowledge of software and hardware capabilities of a manufacturer's product.

Access to the manufacturer's documentation.