Misbehaviour LossOfExtrinsic-U-TW

URI: LossOfExtrinsic-U-TW

Description: Discovery by potential attackers of a vulnerability whose exploitation would allow an attacker user level access.

This misbehaviour affects the trustworthiness attribute Extrinsic-U-TW

Host	A device that can store, process, transmit or receive data.
Process	Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.

P.E-U.SHP-iT.8

Vulnerability (U) discovered at Process: software vulnerability found in process Process, which could allow user level access to its host device with the rights of the process, and may be known to attackers. Around 30 percent of vulnerabilities allow local user access to the vulnerable device (NVD 2015-2019).

(empty)

H.L.HAC.4

Attacker exploit gains user privileges at Host in location Space: the attacker exploits a vulnerability in device Host when it is located in Space, and gains user level access to the device in that context.

P.L.HPAC.4

Attacker exploit takes control of Process in Space: the attacker exploits a vulnerability in process Process when its host Host is located in Space, giving them control of the process behaviour and access to its privileges on Host when in that location.

Misbehaviour LossOfExtrinsic-U-TW

Assets (2)

Threats that cause this misbehaviour (1)

P.E-U.SHP-iT.8

Threats caused by this misbehaviour (0)

Threats caused by affected trustworthiness attribute (2)

H.L.HAC.4

P.L.HPAC.4