New to CAPEC? Start Here
Home > CAPEC List > CAPEC-537: Infiltration of Hardware Development Environment (Version 3.9)  

CAPEC-537: Infiltration of Hardware Development Environment

Attack Pattern ID: 537
Abstraction: Detailed
View customized information:
+ Description
An adversary, leveraging the ability to manipulate components of primary support systems and tools within the development and production environments, inserts malicious software within the hardware and/or firmware development environment. The infiltration purpose is to alter developed hardware components in a system destined for deployment at the victim's organization, for the purpose of disruption or further compromise.
+ Likelihood Of Attack


+ Typical Severity


+ Relationships
Section HelpThis table shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.
ChildOfStandard Attack PatternStandard Attack Pattern - A standard level attack pattern in CAPEC is focused on a specific methodology or technique used in an attack. It is often seen as a singular piece of a fully executed attack. A standard attack pattern is meant to provide sufficient details to understand the specific technique and how it attempts to accomplish a desired goal. A standard level attack pattern is a specific type of a more abstract meta level attack pattern.444Development Alteration
Section HelpThis table shows the views that this attack pattern belongs to and top level categories within that view.
+ Prerequisites
The victim must use email or removable media from systems running the IDE (or systems adjacent to the IDE systems).
The victim must have a system running exploitable applications and/or a vulnerable configuration to allow for initial infiltration.
The adversary must have working knowledge of some if not all of the components involved in the IDE system as well as the infrastructure.
+ Skills Required
[Level: Medium]
Intelligence about the manufacturer's operating environment and infrastructure.
[Level: High]
Ability to develop, deploy, and maintain a stealth malicious backdoor program remotely in what is essentially a hostile environment.
[Level: High]
Development skills to construct malicious attachments that can be used to exploit vulnerabilities in typical desktop applications or system configurations. The malicious attachments should be crafted well enough to bypass typical defensive systems (IDS, anti-virus, etc)
+ Mitigations
Verify software downloads and updates to ensure they have not been modified be adversaries
Leverage antivirus tools to detect known malware
Do not download software from untrusted sources
Educate designers, developers, engineers, etc. on social engineering attacks to avoid downloading malicious software via attacks such as phishing attacks
+ Example Instances

The adversary, knowing the manufacturer runs email on a system adjacent to the hardware development systems used for hardware and/or firmware design, sends a phishing email with a malicious attachment to the manufacturer. When viewed, the malicious attachment installs a backdoor that allows the adversary to remotely compromise the adjacent hardware development system from the manufacturer's workstation. The adversary is then able to exfiltrate and alter sensitive data on the hardware system, allowing for future compromise once the developed system is deployed at the victim location.

+ Taxonomy Mappings
Section HelpCAPEC mappings to ATT&CK techniques leverage an inheritance model to streamline and minimize direct CAPEC/ATT&CK mappings. Inheritance of a mapping is indicated by text stating that the parent CAPEC has relevant ATT&CK mappings. Note that the ATT&CK Enterprise Framework does not use an inheritance model as part of the mapping to CAPEC.
Relevant to the ATT&CK taxonomy mapping
Entry IDEntry Name
1195.003Supply Chain Compromise: Compromise Hardware Supply Chain
+ References
[REF-439] John F. Miller. "Supply Chain Attack Framework and Attack Patterns". The MITRE Corporation. 2013. <>.
[REF-712] Cristin Goodwin and Joram Borenstein. "Guarding against supply chain attacks—Part 2: Hardware risks". Microsoft. 2020-02-03. <>. URL validated: 2022-02-17.
+ Content History
Submission DateSubmitterOrganization
(Version 2.6)
CAPEC Content TeamThe MITRE Corporation
Modification DateModifierOrganization
(Version 2.7)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns, Typical_Likelihood_of_Exploit
(Version 3.1)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Weaknesses
(Version 3.2)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
(Version 3.4)
CAPEC Content TeamThe MITRE Corporation
Updated Related_Weaknesses
(Version 3.7)
CAPEC Content TeamThe MITRE Corporation
Updated Description, Example_Instances, Mitigations, Prerequisites, References
(Version 3.8)
CAPEC Content TeamThe MITRE Corporation
Updated Taxonomy_Mappings
More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2018