CAPEC-522 - Malicious Hardware Component Replacement

An attacker replaces legitimate hardware in the system with faulty counterfeit or tampered hardware in the supply chain distribution channel, with purpose of causing malicious disruption or allowing for additional compromise when the system is deployed.

Severity

Likelihood

Confidentiality

Integrity

Availability

High level: Advanced knowledge of the design of the system.

High level: Hardware creation and manufacture of replacement components.

Physical access to the system after it has left the manufacturer but before it is deployed at the victim location.