Misbehaviour LossOfExtrinsic-VL-TW

URI: LossOfExtrinsic-VL-TW

Description: Discovery by potential attackers of a vulnerability that can be accessed from a local shell or via physical access.

This misbehaviour affects the trustworthiness attribute Extrinsic-VL-TW

Host	A device that can store, process, transmit or receive data.
Process	Represents a process (usually implemented by software running on a Host) that can read, update or create data, or exchange data with other processes.

H.E-VL.H.8

Vulnerability (VL) discovered at Host: software vulnerability found in device Host, which could allow an attack by a local user, and may be known to attackers. Around 14 percent of vulnerabilities require local user access to the vulnerable device (NVD 2015-2019).

P.E-VL.HP-iT.8

Vulnerability (VL) discovered at Process: software vulnerability found in process Process, which could allow an attack by a local user, and may be known to attackers. Around 14 percent of vulnerabilities require local user access to the vulnerable device (NVD 2015-2019).

(empty)

H.V.CHS-iP.3

Local anonymous exploit on host Host in Space: an attacker with physical access to the console of device Host in Space is able to exploit a bug in Host.

H.V.HAC.2

Local authenticated exploit on device Host when in location Space: an attacker with local user level access to device Host in location Space exploits a bug in Host.

P.V.HACPmAC.2

Local authenticated exploit on process Process in Space: an attacker with local user access to device Host in space Space can exploit a bug in Process.

Misbehaviour LossOfExtrinsic-VL-TW

Assets (2)

Threats that cause this misbehaviour (2)

H.E-VL.H.8

P.E-VL.HP-iT.8

Threats caused by this misbehaviour (0)

Threats caused by affected trustworthiness attribute (3)

H.V.CHS-iP.3

H.V.HAC.2

P.V.HACPmAC.2