System Software

• TID-201 - Inadequate Bootloader Protection and Verification
• TID-202 - Exploitable System Network Stack Component
• TID-218 - Operating System Susceptible to Rootkit
• TID-203 - Malicious OS Kernel Driver/Module Installable
• TID-204 - Untrusted Programs Can Access Privileged OS Functions
• TID-205 - Existing OS Tools Maliciously Used for Device Manipulation
• TID-206 - Memory Management Protections Subverted
• TID-207 - Container Escape
• TID-208 - Virtual Machine Escape
• TID-209 - Host Can Manipulate Guest Virtual Machines
• TID-210 - Device Vulnerabilities Unpatchable
• TID-211 - Device Allows Unauthenticated Firmware Installation
• TID-212 - FW/SW Update Integrity Shared Secrets Extraction
• TID-213 - Faulty FW/SW Update Integrity Verification
• TID-214 - Secrets Extracted from Device Root of Trust
• TID-215 - Unencrypted SW/FW Updates
• TID-216 - Firmware Update Rollbacks Allowed
• TID-217 - Remotely Initiated Updates Can Cause DoS
• TID-219 - OS/Kernel Privilege Escalation
• TID-220 - Unpatchable Hardware Root of Trust
• TID-221 - Authentication Bypass By Message Replay
• TID-222 - Critical System Service May Be Disabled
• TID-223 - System Susceptible to RAM Scraping
• TID-224 - Excessive Access via Software Diagnostic Features