Home > CAPEC List > CAPEC-562: Modify Shared File (Version 2.11)  

CAPEC-562: Modify Shared File

Modify Shared File
Definition in a New Window Definition in a New Window
Attack Pattern ID: 562
Abstraction: Detailed
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

An adversary manipulates the files in a shared location by adding malicious programs, scripts, or exploit code to valid content. Once a user opens the shared content, the tainted content is executed.

+ Solutions and Mitigations

Disallow shared content. Protect shared folders by minimizing users that have write access. Use utilities that mitigate exploitation like the Microsoft Enhanced Mitigation Experience Toolkit (EMET) to prevent exploits from being run.

+ References
[R.562.1] ATT&CK Project. "Taint shared content (1080)". MITRE. <https://attack.mitre.org/wiki/Taint_shared_content>.
+ Content History
CAPEC Content TeamThe MITRE Corporation2015-11-09Internal_CAPEC_Team

More information is available — Please select a different filter.
Page Last Updated or Reviewed: August 04, 2017