tid-302
Vulnerability from emb3d
Type
application-software
Link
Show details on source website
Description

A threat actor can install a malicious program to the device to manipulate its operations or prevent the device from operating as expected. Devices can utilize a variety of different approaches to support the download, modification, and execution of programs/logic. For example, some devices might support program downloads through traditional operating system interfaces (e.g., Telnet, SSH, RDP), while other devices, such as PLCs, often use proprietary interfaces to deploy and execute IEC 61131 based logic programs. Devices are often dependent on a remote system, such as a Windows workstations, with a vendor-specific application program or IDE to develop and transfer the programs to the device. However, devices often assume that all code originates from that trusted program/IDE and therefore do not perform any integrity checking of the code before downloading or executing it.

CWE
  • CWE-494: Download of Code Without Integrity Check


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.