New to CAPEC? Start Here
Home > CAPEC List > Reports > Differences between 2.6 and 2.7 Content  

Differences between 2.6 and 2.7 Content

Summary
Summary
Total (2.7) 603
Total (2.6) 544
Attack Patterns
New Patterns Added 51
Existing Patterns Modified with Enhanced Material 79
Patterns Deprecated 7
Categories
Existing Categories Modified with Enhanced Material 12
Categories Deprecated 1
Views
Views Added 1
Existing Views Modified with Enhanced Material 1
CAPEC -> CWE Mappings
CAPEC -> CWE Mappings Added 12
CAPEC -> CWE Mappings Removed 8

Summary of Entry Types

Type 2.6 2.7
Views 8 9
Categories 58 57
Attack Patterns 454 505
Deprecated 24 32

Back to top
Attack Pattern Changes
Attack Pattern Changes
New Patterns Added
CAPEC-549 Local Execution of Code
CAPEC-550 Install New Service
CAPEC-551 Modify Existing Service
CAPEC-552 Install Rootkit
CAPEC-555 Remote Services with Stolen Credentials
CAPEC-556 Replace File Extension Handlers
CAPEC-557 Schedule Software To Run
CAPEC-558 Replace Trusted Executable
CAPEC-560 Use of Known Domain Credentials
CAPEC-561 Windows Admin Shares with Stolen Credentials
CAPEC-562 Modify Shared File
CAPEC-563 Add Malicious File to Shared Webroot
CAPEC-564 Run Software at Logon
CAPEC-566 Dump Password Hashes
CAPEC-567 Obtain Data via Utilities
CAPEC-568 Capture Credentials via Keylogger
CAPEC-569 Collect Data as Provided by Users
CAPEC-570 Signature-Based Avoidance
CAPEC-571 Block Logging to Central Repository
CAPEC-572 Artificially Inflate File Sizes
CAPEC-573 Process Footprinting
CAPEC-574 Services Footprinting
CAPEC-575 Account Footprinting
CAPEC-576 Group Permission Footprinting
CAPEC-577 Owner Footprinting
CAPEC-578 Disable Security Software
CAPEC-579 Replace Winlogon Helper DLL
CAPEC-580 Application Footprinting
CAPEC-581 Security Software Footprinting
CAPEC-601 Jamming
CAPEC-602 Degradation
CAPEC-603 Blockage
CAPEC-604 Wi-Fi Jamming
CAPEC-605 Cellular Jamming
CAPEC-606 Weakening of Cellular Encryption
CAPEC-607 Obstruction
CAPEC-608 Cryptanalysis of Cellular Encryption
CAPEC-609 Cellular Traffic Intercept
CAPEC-610 Cellular Data Injection
CAPEC-611 BitSquatting
CAPEC-612 WiFi MAC Address Tracking
CAPEC-613 WiFi SSID Tracking
CAPEC-614 Rooting SIM CardS
CAPEC-615 Evil Twin Wi-Fi Attack
CAPEC-616 Patiently Waiting at Incorrect Location
CAPEC-617 Cellular Rogue Base Station
CAPEC-618 Cellular Broadcast Message Request
CAPEC-619 Signal Strength Tracking
CAPEC-620 Drop Encryption Level
CAPEC-621 Analysis of Packet Timing and Sizes
CAPEC-622 Electromagnetic Side-Channel Attack
CAPEC-623 Compromising Emanations Attack
CAPEC-624 Fault Injection
CAPEC-625 Mobile Device Fault Injection
CAPEC-626 Smudge Attack
CAPEC-627 Counterfeit GPS Signals
CAPEC-628 Carry-Off GPS Attack
CAPEC-629 Unauthorized Use of Device Resources

Existing Patterns Modified with Enhanced Material
CAPEC-3 Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-21 Exploitation of Trusted Credentials
CAPEC-32 Embedding Scripts in HTTP Query Strings
CAPEC-37 Retrieve Embedded Sensitive Data
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-54 Query System for Information
CAPEC-62 Cross Site Request Forgery (aka Session Riding)
CAPEC-65 Passively Sniff and Capture Application Code Bound for Authorized Client
CAPEC-69 Target Programs with Elevated Privileges
CAPEC-90 Reflection Attack in Authentication Protocol
CAPEC-93 Log Injection-Tampering-Forging
CAPEC-97 Cryptanalysis
CAPEC-114 Authentication Abuse
CAPEC-115 Authentication Bypass
CAPEC-116 Excavation
CAPEC-127 Directory Indexing
CAPEC-132 Symlink Attack
CAPEC-139 Relative Path Traversal
CAPEC-150 Common Resource Location Exploration
CAPEC-154 Resource Location Spoofing
CAPEC-158 Sniffing Network Traffic
CAPEC-159 Redirect Access to Libraries
CAPEC-167 White Box Reverse Engineering
CAPEC-170 Web Application Fingerprinting
CAPEC-177 Create files with the same name as files protected with a higher classification
CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels
CAPEC-184 Software Integrity Attack
CAPEC-186 Malicious Software Update
CAPEC-187 Malicious Automated Software Update
CAPEC-188 Reverse Engineering
CAPEC-189 Black Box Reverse Engineering
CAPEC-190 Reverse Engineer an Executable to Expose Assumed Hidden Functionality or Content
CAPEC-191 Read Sensitive Strings Within an Executable
CAPEC-192 Protocol Analysis
CAPEC-203 Manipulate Application Registry Values
CAPEC-204 Lifting Sensitive Data Embedded in Cache
CAPEC-251 Local Code Inclusion
CAPEC-261 Fuzzing for garnering other adjacent user/sensitive data
CAPEC-270 Modification of Registry Run Keys
CAPEC-292 Host Discovery
CAPEC-309 Network Topology Mapping
CAPEC-311 OS Fingerprinting
CAPEC-401 Hacking Hardware
CAPEC-440 Hardware Integrity Attack
CAPEC-441 Malicious Logic Insertion
CAPEC-442 Malicious Logic Inserted Into To Product Software
CAPEC-443 Malicious Logic Inserted Into Product Software by Authorized Developer
CAPEC-444 Development Alteration
CAPEC-447 Design Alteration
CAPEC-456 Malicious Logic Insertion into Product Memory
CAPEC-457 USB Memory Attacks
CAPEC-462 Cross-Domain Search Timing
CAPEC-468 Generic Cross-Browser Cross-Domain Theft
CAPEC-471 DLL Search Order Hijacking
CAPEC-498 Probe iOS Screenshots
CAPEC-511 Infiltration of Software Development Environment
CAPEC-516 Hardware Component Substitution During Baselining
CAPEC-517 Documentation Alteration to Circumvent Dial-down
CAPEC-518 Documentation Alteration to Produce Under-performing Systems
CAPEC-519 Documentation Alteration to Cause Errors in System Design
CAPEC-520 Counterfeit Hardware Component Inserted During Product Assembly
CAPEC-521 Hardware Design Specifications Are Altered
CAPEC-522 Malicious Hardware Component Replacement
CAPEC-523 Malicious Software Implanted
CAPEC-524 Rogue Integration Procedures
CAPEC-530 Provide Counterfeit Component
CAPEC-531 Hardware Component Substitution
CAPEC-532 Altered Installed BIOS
CAPEC-533 Malicious Manual Software Update
CAPEC-534 Malicious Hardware Update
CAPEC-535 Malicious Gray Market Hardware
CAPEC-536 Data Injected During Configuration
CAPEC-537 Infiltration of Hardware Development Environment
CAPEC-538 Open Source Libraries Altered
CAPEC-539 ASIC With Malicious Functionality
CAPEC-542 Targeted Malware
CAPEC-545 Pull Data from System Resources
CAPEC-546 Probe Application Memory
CAPEC-547 Physical Destruction of Device or Component

Patterns Deprecated
CAPEC-205 Lifting credential(s)/key material embedded in client distributions (thick or thin)
CAPEC-449 Malware Propagation via USB Stick
CAPEC-450 Malware Propagation via USB U3 Autorun
CAPEC-451 Malware Propagation via Infected Peripheral Device
CAPEC-453 Malicious Logic Insertion via Counterfeit Hardware
CAPEC-454 Modification of Existing Components with Counterfeit Hardware
CAPEC-455 Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components
Back to top
Category Changes
Category Changes
New Categories Added

Existing Categories Modified with Enhanced Material
CAPEC-152 Injection
CAPEC-156 Deceptive Interactions
CAPEC-210 Abuse of Functionality
CAPEC-225 Exploitation of Authentication
CAPEC-262 Manipulate Resources
CAPEC-281 Analyze Target
CAPEC-437 Supply Chain
CAPEC-512 Communications
CAPEC-513 Software
CAPEC-515 Hardware
CAPEC-525 Execute Code
CAPEC-526 Alter System Components

Categories Deprecated
CAPEC-286 Reconnaissance
Back to top
View Changes
View Changes
Views Added
CAPEC-553 Mobile Device Patterns

Existing Views Modified with Enhanced Material
CAPEC-1000 Mechanisms of Attack

Views Deprecated
Back to top
Mapping Changes
Mapping Changes
CAPEC --> CWE Mappings Added
CAPEC-204 Lifting Sensitive Data Embedded in Cache
  --> CWE-524 Information Exposure Through Caching
CAPEC-606 Weakening of Cellular Encryption
  --> CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CAPEC-608 Cryptanalysis of Cellular Encryption
  --> CWE-327 Use of a Broken or Risky Cryptographic Algorithm
CAPEC-612 WiFi MAC Address Tracking
  --> CWE-201 Information Exposure Through Sent Data
CAPEC-613 WiFi SSID Tracking
  --> CWE-201 Information Exposure Through Sent Data
CAPEC-614 Rooting SIM CardS
  --> CWE-327 Use of a Broken or Risky Cryptographic Algorithm
CAPEC-618 Cellular Broadcast Message Request
  --> CWE-201 Information Exposure Through Sent Data
CAPEC-619 Signal Strength Tracking
  --> CWE-201 Information Exposure Through Sent Data
CAPEC-620 Drop Encryption Level
  --> CWE-757 Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')
CAPEC-621 Analysis of Packet Timing and Sizes
  --> CWE-201 Information Exposure Through Sent Data
CAPEC-622 Electromagnetic Side-Channel Attack
  --> CWE-201 Information Exposure Through Sent Data
CAPEC-623 Compromising Emanations Attack
  --> CWE-201 Information Exposure Through Sent Data

CAPEC --> CWE Mappings Removed
CAPEC-167 Lifting Sensitive Data from the Client
  --> CWE-311 Missing Encryption of Sensitive Data
  --> CWE-642 External Control of Critical State Data
CAPEC-188 Reverse Engineering
  --> CWE-259 Use of Hard-coded Password
  --> CWE-798 Use of Hard-coded Credentials
CAPEC-189 Software Reverse Engineering
  --> CWE-259 Use of Hard-coded Password
  --> CWE-798 Use of Hard-coded Credentials
CAPEC-192 Protocol Reverse Engineering
  --> CWE-259 Use of Hard-coded Password
  --> CWE-798 Use of Hard-coded Credentials

CAPEC --> CAPEC Mappings Added

CAPEC --> CAPEC Mappings Removed
Back to top
More information is available — Please select a different filter.
Page Last Updated or Reviewed: October 28, 2016
 

Use of the Common Attack Pattern Enumeration and Classification (CAPEC), and the associated references from this website are subject to the Terms of Use. CAPEC is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and managed by the Homeland Security Systems Engineering and Development Institute (HSSEDI) which is operated by The MITRE Corporation (MITRE). Copyright © 2007–2024, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.