Name | Data Injected During Configuration |
Summary | An attacker with access to data files and processes on a victim's system injects malicious data into critical operational data during configuration or recalibration, causing the victim's system to perform in a suboptimal manner that benefits the adversary. |
Prerequisites | The attacker must have previously compromised the victim's systems or have physical access to the victim's systems. Advanced knowledge of software and hardware capabilities of a manufacturer's product. |
Solutions | Ensure that proper access control is implemented on all systems to prevent unauthorized access to system files and processes. |
Related Weaknesses |
CWE ID | Description |
CWE-284 | Improper Access Control |
|