Threat Sg.DA.L1SSg2AC.1

URI: Sg.DA.L1SSg2AC.1

Description: Mesh routing between FromHost and ToHost not disabled at reenabled at Gateway: if an attacker has admin rights on host Gateway, they can override a policy not to enable mesh routing between paired hosts.

Threat Type: Primary Threat

Matching Pattern:

MP-L1SSg2AC

Finds a gateway between two distinct layer 1 subnets (i.e. Bluetooth or USB connections), along with the forward and return path segments via the gateway, and a context in which the gateway is connected to both subnets.

(empty)

CSG-DisableMeshRouting

ConnectionsAllowed at Role_FwdSegment

ServiceChannelsAllowed at Role_FwdSegment

(empty)

Threat Sg.DA.L1SSg2AC.1

MP-L1SSg2AC

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (1)

Misbehaviour Sets (2)

Control Strategies (0)