Threat H.V.IoH.2

URI: H.V.IoH.2

Description: Remote authenticated exploit on device Host from AttackerSubnet via LogicalSubnet: an attacker with access to the subnet AttackerSubnet can send a malicious message via the network to device Host via LogicalSubnet that, after authentication, can exploit a vulnerability in Host.

Threat Type: Primary Threat

Matching Pattern:

MP-IoH

Finds an open network path from the Internet to (but not via) a Host connected to a local subnet, and the associated network interface and access context, plus the location contexts for the host being on that subnet, and optionally the host manager.

(empty)

LossOfExploitTW at Role_Host

LossOfExploitTW at Role_HostAccess

CSG-PatchingAtHost

Use a systematic procedure for regular security patching of software used (including hosted processes) on device Host, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply patches immediately should the need for them become urgent.

CSG-PatchingAtHost-Implementation

Represents a situation in which software patches have been applied manually by HostManager to eliminate vulnerabilities in device Host. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager. Then deselect the SoftwarePatched control and restore the asserted Extrinsic TW levels of Host once the update has been confirmed.

Threat H.V.IoH.2

MP-IoH

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (2)

Control Strategies (2)