| Name |
Probe Audio and Video Peripherals |
|
| Likelyhood of attack |
Typical severity |
| Low |
High |
|
| Summary |
The adversary exploits the target system's audio and video functionalities through malware or scheduled tasks. The goal is to capture sensitive information about the target for financial, personal, political, or other gains which is accomplished by collecting communication data between two parties via the use of peripheral devices (e.g. microphones and webcams) or applications with audio and video capabilities (e.g. Skype) on a system. |
| Prerequisites |
Knowledge of the target device's or application’s vulnerabilities that can be capitalized on with malicious code. The adversary must be able to place the malicious code on the target device. |
| Solutions | Prevent unknown code from executing on a system through the use of an allowlist policy. Patch installed applications as soon as new updates become available. |
| Related Weaknesses |
|
CWE ID
|
Description
|
| CWE-267 |
Privilege Defined With Unsafe Actions |
|
| Related CAPECS |
|
CAPEC ID
|
Description
|
| CAPEC-545 |
An adversary who is authorized or has the ability to search known system resources, does so with the intention of gathering useful information. System resources include files, memory, and other aspects of the target system. In this pattern of attack, the adversary does not necessarily know what they are going to find when they start pulling data. This is different than CAPEC-150 where the adversary knows what they are looking for due to the common location. |
| CAPEC-651 |
An adversary intercepts a form of communication (e.g. text, audio, video) by way of software (e.g., microphone and audio recording application), hardware (e.g., recording equipment), or physical means (e.g., physical proximity). The goal of eavesdropping is typically to gain unauthorized access to sensitive information about the target for financial, personal, political, or other gains. Eavesdropping is different from a sniffing attack as it does not take place on a network-based communication channel (e.g., IP traffic). Instead, it entails listening in on the raw audio source of a conversation between two or more parties. |
|
| Taxonomy: ATTACK |
|
Entry ID
|
Entry Name
|
| 1123 |
Audio Capture |
| 1125 |
Video Capture |
|