Threat P.V.HACPmAC.2

URI: P.V.HACPmAC.2

Description: Local authenticated exploit on process Process in Space: an attacker with local user access to device Host in space Space can exploit a bug in Process.

Threat Type: Primary Threat

Matching Pattern:

MP-HACPmAC

Finds a process running on a host in a space and the host location access context, with all related process location and network access contexts.

(empty)

LossOfExploitTW at Role_ProcAccess

LossOfExploitTW at Role_Process

CSG-PatchingAtProcess

Use a systematic procedure for regular security patching of software used (including hosted process Process) on device Host, and have a contingency plan included in the system operating policies and practices for HostManager to manually apply patches immediately for Process should the need for them become urgent.

CSG-PatchingAtProcess-Implementation

Represents a situation in which software patches have been applied manually by HostManager to eliminate vulnerabilities in process Process. This strategy represents activation of a contingency plan at runtime, and can be selected to discover what effect this would have on risk levels, allowing this to be used for decision support calculations. Note that this should only be considered if a suitable software patch is available. To implement this at runtime, signal the responsible user HostManager.

Threat P.V.HACPmAC.2

MP-HACPmAC

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (2)

Control Strategies (2)