Threat H.M.RIoH.7

URI: H.M.RIoH.7

Description: Remote root access from AttackerSubnet via LogicalSubnet to back door on device Host: an attacker with access to AttackerSubnet gains access to host Host via a previously installed back door providing a reverse shell via LogicalSubnet .

Threat Type: Primary Threat

Matching Pattern:

MP-RIoH

Finds an open network path to the Internet from (but not via) a Host connected to a local subnet, and the associated network interface and access context, plus the location contexts for the host being on that subnet, and optionally the host manager.

(empty)

H.M.HmAC.0

Root access to Host in all contexts by unauthorized agents: if untrustworthy actors gain admin rights on a host, the best case trustworthiness of the host in any context is degraded.

H.M.HsAC.0

Root access to Host in any context by an unauthorized agent: if an untrustworthy actor gains admin rights on a host, the worst case trustworthiness of the host in any context is degraded.

(empty)

LocalLossOfControl at Role_HostAccess

(empty)

Threat H.M.RIoH.7

MP-RIoH

Triggered by Threat (0)

Triggers Secondary Threats (2)

H.M.HmAC.0

H.M.HsAC.0

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (0)