CAPEC-534 - Malicious Hardware Update

An attacker introduces malicious code to the victim's system by altering hardware update or replacement components being provided to the victim, allowing for additional compromise or site disruption at the victim location.

Severity

Likelihood

Confidentiality

Integrity

Availability

High level: Able to develop and manufacture malicious hardware components that perform the same functions and processes as their non-malicious counterparts.

Physical access to an sub-system developer or integration facility where hardware update or replacement components are kept.