TID-111: Untrusted External Storage
Threat Description
An untrusted storage peripheral (e.g., a USB drive) could be installed on the device. If malicious code is executed from the untrusted storage, or transferred from it to the device, a threat actor could get unauthorized code to execute on the device. Further, any files transferred from the untrusted storage could potentially be used to modify critical device configurations or settings files.
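One way a device could gate the settings-file risk described above, shown as an added example that is not part of the original entry. The allowlist, size cap, `.sig` sidecar convention and function names are assumptions, and HMAC-SHA256 stands in for whatever signature scheme the device actually provisions.

```python
import hashlib
import hmac
import os
import stat

# Assumptions (not from the entry): each importable file <name> ships with
# <name>.sig holding a hex HMAC-SHA256 tag; the key is provisioned on the device.
ALLOWED_NAMES = {"network.conf", "ntp.conf"}  # hypothetical allowlist
MAX_BYTES = 64 * 1024                         # hypothetical size cap


def _read_regular(path, limit):
    """Read a file once, refusing symlinks, device nodes, FIFOs and oversize data."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
    with os.fdopen(fd, "rb") as f:
        if not stat.S_ISREG(os.fstat(f.fileno()).st_mode):
            raise OSError("not a regular file")
        data = f.read(limit + 1)
    if len(data) > limit:
        raise OSError("file exceeds size cap")
    return data


def import_settings(media_dir, name, key, dest_dir):
    """Return (accepted, reason); dest_dir is written only after every check passes."""
    if name not in ALLOWED_NAMES:  # exact match also rejects "../" style names
        return False, "name not allowlisted"
    try:
        data = _read_regular(os.path.join(media_dir, name), MAX_BYTES)
        tag = _read_regular(os.path.join(media_dir, name + ".sig"), 128)
    except OSError as exc:
        return False, f"unreadable: {exc}"
    # Bind the file name into the tag so a valid file cannot be replayed under another name.
    expected = hmac.new(key, name.encode() + b"\0" + data, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag.strip()):
        return False, "bad authentication tag"
    tmp = os.path.join(dest_dir, name + ".tmp")
    with open(tmp, "wb") as out:   # write the verified bytes; never re-read the media
        out.write(data)
    os.replace(tmp, os.path.join(dest_dir, name))
    return True, "imported"
```

The file is read from the media exactly once and the verified bytes are what get written, so a peripheral that returns different content on a second read gains nothing.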
Threat Maturity and Evidence
Proof of Concept
BadUSB
“The malware they created, called BadUSB, can be installed on a USB device to completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user’s internet traffic. …Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted.”
CWE
CWE-1299: Missing Protection Mechanism for Alternate Hardware Interface (Base)
“The lack of protections on alternate paths to access control-protected assets (such as unprotected shadow registers and other external facing unguarded interfaces) allows an attacker to bypass existing protections to the asset that are only performed against the primary path.”