test_scratch
/
cti-ATT-CK-v13.1
/mobile-attack
/attack-pattern
/attack-pattern--08ea902d-ecb5-47ed-a453-2798057bb2d3.json
{ | |
"type": "bundle", | |
"id": "bundle--6c9a56bc-e25c-42cb-b0e7-7da8b78c3cdf", | |
"spec_version": "2.0", | |
"objects": [ | |
{ | |
"modified": "2023-03-15T16:23:59.281Z", | |
"name": "Abuse Elevation Control Mechanism", | |
"description": "Adversaries may circumvent mechanisms designed to control elevated privileges to gain higher-level permissions. Most modern systems contain native elevation control mechanisms that are intended to limit privileges that a user can gain on a machine. Authorization has to be granted to specific users in order to perform tasks that are designated as higher risk. An adversary can use several methods to take advantage of built-in control mechanisms in order to escalate privileges on a system. ", | |
"kill_chain_phases": [ | |
{ | |
"kill_chain_name": "mitre-mobile-attack", | |
"phase_name": "privilege-escalation" | |
} | |
], | |
"x_mitre_deprecated": false, | |
"x_mitre_detection": "When an application requests administrator permission, users are presented with a popup and the option to grant or deny the request. Application vetting services can detect when an application requests administrator permission. Extra scrutiny could be applied to applications that do", | |
"x_mitre_domains": [ | |
"mobile-attack" | |
], | |
"x_mitre_is_subtechnique": false, | |
"x_mitre_platforms": [ | |
"Android" | |
], | |
"x_mitre_version": "1.1", | |
"x_mitre_tactic_type": [ | |
"Post-Adversary Device Access" | |
], | |
"type": "attack-pattern", | |
"id": "attack-pattern--08ea902d-ecb5-47ed-a453-2798057bb2d3", | |
"created": "2022-04-01T15:54:05.633Z", | |
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
"revoked": false, | |
"external_references": [ | |
{ | |
"source_name": "mitre-attack", | |
"url": "https://attack.mitre.org/techniques/T1626", | |
"external_id": "T1626" | |
}, | |
{ | |
"source_name": "NIST Mobile Threat Catalogue", | |
"url": "https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-22.html", | |
"external_id": "APP-22" | |
} | |
], | |
"object_marking_refs": [ | |
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" | |
], | |
"x_mitre_attack_spec_version": "3.1.0", | |
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5" | |
} | |
] | |
} |