Threat H.M.IoH.3

URI: H.M.IoH.3

Description: Remote root access from AttackerSubnet via LogicalSubnet to insecure device Host: an attacker with access to AttackerSubnet gains access to host Host via an unprotected yet privileged service listening on LogicalSubnet .

Threat Type: Primary Threat

Matching Pattern:

MP-IoH

Finds an open network path from the Internet to (but not via) a Host connected to a local subnet, and the associated network interface and access context, plus the location contexts for the host being on that subnet, and optionally the host manager.

(empty)

H.M.HmAC.0

Root access to Host in all contexts by unauthorized agents: if untrustworthy actors gain admin rights on a host, the best case trustworthiness of the host in any context is degraded.

H.M.HsAC.0

Root access to Host in any context by an unauthorized agent: if an untrustworthy actor gains admin rights on a host, the worst case trustworthiness of the host in any context is degraded.

(empty)

LocalLossOfControl at Role_HostAccess

CSG-SecureHostConfig

Device Host is configured securely: passwords or other authentication are set up including resetting default passwords for all user and administrator accounts, auto-run features disabled to prevent execution without user authorisation for files from removable storage or from the internet, and unnecessary software and especially network accessible services removed or disabled.

Threat H.M.IoH.3

MP-IoH

Triggered by Threat (0)

Triggers Secondary Threats (2)

H.M.HmAC.0

H.M.HsAC.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (1)