CAPEC-519 - Documentation Alteration to Cause Errors in System Design

An attacker with access to a manufacturer's documentation containing requirements allocation and software design processes maliciously alters the documentation in order to cause errors in system design. This allows the attacker to take advantage of a weakness in a deployed system of the manufacturer for malicious purposes.

Severity

Likelihood

Confidentiality

Integrity

Availability

High level: Ability to read, interpret, and subsequently alter manufacturer's documentation to cause errors in system design.

High level: Ability to stealthly gain access via remote compromise or physical access to the manufacturer's documentation.

Advanced knowledge of software capabilities of a manufacturer's product.

Access to the manufacturer's documentation.