Application Software

Application Software

  • TID-301 - Applications Binaries Modified
  • TID-302 - Install Untrusted Application
  • TID-303 - Excessive Trust in Offboard Management/IDE Software
  • TID-304 - Manipulate Runtime Environment
  • TID-305 - Program Executes Dangerous System Calls
  • TID-306 - Sandboxed Environments Escaped
  • TID-307 - Device Code Representations Inconsistent
  • TID-308 - Code Overwritten to Avoid Detection
  • TID-309 - Device Exploits Engineering Workstation
  • TID-310 - Remotely Accessible Unauthenticated Services
  • TID-328 - Hardcoded Credentials
  • TID-311 - Default Credentials
  • TID-312 - Credential Change Mechanism Can Be Abused
  • TID-313 - Unauthenticated Session Changes Credential
  • TID-314 - Passwords Can Be Guessed Using Brute-Force Attempts
  • TID-315 - Password Retrieval Mechanism Abused
  • TID-316 - Incorrect Certificate Verification Allows Authentication Bypass
  • TID-317 - Predictable Cryptographic Key
  • TID-318 - Insecure Cryptographic Implementation
  • TID-319 - Cross Site Scripting (XSS)
  • TID-320 - SQL Injection
  • TID-321 - HTTP Application Session Hijacking
  • TID-322 - Cross Site Request Forgery (CSRF)
  • TID-323 - HTTP Path Traversal
  • TID-324 - HTTP Direct Object Reference
  • TID-325 - HTTP Injection/Response Splitting
  • TID-326 - Insecure Deserialization
  • TID-327 - Out of Bounds Memory Access
  • TID-329 - Improper Password Storage
  • TID-330 - Cryptographic Timing Side-Channel