Application Software

Application Software

  • TID-301: Applications Binaries Modified
  • TID-302: Install Untrusted Application
  • TID-303: Excessive Trust in Offboard Management/IDE Software
  • TID-304: Manipulate Runtime Environment
  • TID-305: Program Executes Dangerous System Calls
  • TID-306: Sandboxed Environments Escaped
  • TID-307: Device Code Representations Inconsistent
  • TID-308: Code Overwritten to Avoid Detection
  • TID-309: Device Exploits Engineering Workstation
  • TID-310: Remotely Accessible Unauthenticated Services
  • TID-311: Default Credentials
  • TID-312: Credential Change Mechanism Can Be Abused
  • TID-313: Unauthenticated Session Changes Credential
  • TID-314: Passwords Can Be Guessed Using Brute-Force Attempts
  • TID-315: Password Retrieval Mechanism Abused
  • TID-316: Incorrect Certificate Verification Allows Authentication Bypass
  • TID-317: Predictable Cryptographic Key
  • TID-318: Insecure Cryptographic Implementation
  • TID-319: Cross Site Scripting (XSS)
  • TID-320: SQL Injection
  • TID-321: HTTP Application Session Hijacking
  • TID-322: Cross Site Request Forgery (CSRF)
  • TID-323: Path Traversal
  • TID-324: HTTP Direct Object Reference
  • TID-325: HTTP Injection/Response Splitting
  • TID-326: Insecure Deserialization
  • TID-327: Out of Bounds Memory Access
  • TID-328: Hardcoded Credentials
  • TID-329: Improper Password Storage
  • TID-330: Cryptographic Timing Side-Channel