CAPEC-524 - Rogue Integration Procedures

An attacker alters or establishes rogue processes in an integration facility in order to insert maliciously altered components into the system. The attacker would then supply the malicious components. This would allow for malicious disruption or additional compromise when the system is deployed.

Severity

Likelihood

Confidentiality

Integrity

Availability

High level: Advanced knowledge of the design of the system.

High level: Hardware creation and manufacture of replacement components.

Physical access to an integration facility that prepares the system before it is deployed at the victim location.