Commit a15d27bc authored by Valerie Aurora

Format threats and remove duplicate vulnerability threat

parent 005edecb
+18 −70
@@ -680,23 +680,19 @@ The mitigations that reduce risk by type are:
* Likelihood: ROUT-1, CONF-\*, AUTH-\*, IPV6-\*, CRYPT-\*
* Impact: ROUT-2, ROUT-3, NUTI-\*, DNSL-\*, EISO, TRAF-\*, NPII-\*

### C.4.3 List of threats and risk assessments

> TODO-HAS: Renumber C.x tables

> TODO-HAS: Add below threats

- Data leaks
- End-point compromise
  - End-point malware hijacking traffic or recording activity
  - Unauthorised but authenticated access by a compromised node/end-point
  - Misconfigured end-point exposing authentication information
- DoS attack on manufacturer's remote data processing
- manufacturer infra compromise & isolation bugs in a multi-tenant SaaS system
- Activity exposure via unauthorised log access
- Out-of-the-box configuration that necessarily requires modification to be secure

### C.4.x TH-UEVU: Unknown exploitable vulnerabilities
### C.4.x TH-UEV: Unknown exploitable vulnerabilities

Attacker may use unknown exploitable vulnerabilities in the product implementation to get unauthorized access to product assets.

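Review bot: The new `### C.4.x TH-UEV` heading sits at the same `###` level as `### C.4.3 List of threats and risk assessments`, so each threat renders as a sibling of the list rather than an entry under it. Use `####` for the threat headings, and note that the `C.4.x` placeholder is not covered by the `TODO-HAS: Renumber C.x tables` line, which mentions tables only.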
@@ -726,7 +722,7 @@ Mitigations for Impact:

* High to Low: NPII-\*, LOGG

### C.4.x TH-KEVU: Known exploitable vulnerabilities
### C.4.x TH-KEV: Known exploitable vulnerabilities

Attacker may use known exploitable vulnerabilities in the product implementation to get unauthorized access to product assets.

@@ -752,7 +748,7 @@ Mitigations for Likelihood:

* High to Low: KEVD, KEVA, (KEVT or SCAN), KEVM, (SUAP or SUAO), VULH

**[TH-EPC]:** Attacker may gain access to an endpoint, exposing traffic, private network, or PII.
### C.4.x TH-EPC: Attacker may gain access to an endpoint, exposing traffic, private network, or PII.

| Risk factors                | Likelihood |
|-----------------------------|------------|
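Review bot: The new `TH-EPC` heading carries the whole threat statement, trailing period included, whereas `TH-UEV` and `TH-KEV` use a short title and keep the "Attacker may ..." sentence in the body. Suggest `### C.4.x TH-EPC: Endpoint compromise` with the sentence moved to a paragraph under the heading.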
@@ -760,19 +756,15 @@ Mitigations for Likelihood:
| CFG = 1 or ADM > 1          | Medium     |
| CFG = 0 & AUT < 2 & ADM < 2 | Low        |

_Table C.1_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| DAT = 2 & FUN = 2 | High   | SP-3             |
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.2_

Requirements: AUTH, EISO, TRAF, DMIN, CRYPT

**[TH-RDP]:** Attacker launches denial of service attack on manufacturer remote data processing
### C.4.x TH-RDP: Attacker launches denial of service attack on manufacturer remote data processing

| Risk factors                  | Impact |
|-------------------------------|--------|
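Review bot: The `_Table C.1_` and `_Table C.2_` captions are dropped under TH-EPC, but the next hunk's header context still shows `_Table C.3_` under TH-RDP, so one numbered caption is left behind. Remove that one as well, or keep all captions until the renumbering is done. The `Requirements:` line here could also use the wording of the later sections, `Requirements that mitigate this threat:`.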
@@ -784,27 +776,7 @@ _Table C.3_

Requirements: TODO (RDPS)

**[TH-KEVU]:** Attacker may use known exploitable vulnerabilities in the underlying VPN protocol to get unauthorized access to product assets.

| Risk factors       | Likelihood |
|--------------------|------------|
| CFG > 1 & ADM = 2  | High       |
| CFG > 1 or ADM = 1 | Medium     |
| CFG = 0 & ADM = 0  | Low        |

_Table C.4_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| DAT = 2 & FUN = 2 | High   | SP-3             |
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.5_

Requirements: TODO

**[TH-MITM]:** Attacker attempts to read or modify traffic by capturing and relaying activity between endpoints
### C.4.x TH-MTM: Attacker attempts to read or modify traffic by capturing and relaying activity between endpoints

| Risk factors | Likelihood | Security profile |
|--------------|------------|------------------|
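Review bot: The removed `TH-KEVU` block is not an exact duplicate of `TH-KEV`: it names "the underlying VPN protocol" while the retained threat says "the product implementation", and it carried its own CFG/ADM likelihood table. If protocol-level vulnerabilities are meant to fall under TH-KEV, widen its description to say so; otherwise that case is no longer listed anywhere in the visible sections. Separately, `TH-MTM` is harder to recognise than the established abbreviation MITM.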
@@ -812,16 +784,12 @@ Requirements: TODO
| all others   | Medium     | SP-2             |
| ADM = 0      | Low        | SP-4             |

_Table C.6_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| DAT = 2 & FUN = 2 | High   | SP-3             |
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.7_

Requirements: CRYPT, NPII, LOGG

| Likelihood | Impact     | Mitigation                     | Security profile |
@@ -829,7 +797,7 @@ Requirements: CRYPT, NPII, LOGG
| High       | High       | CRYPT-1, CRYPT-2, NPII-2, LOGG | SP-3             |
| all others | all others | CRYPT-2, LOGG                  | SP-1, SP-2, SP-4 |

**[TH-LEAK]:** Attacker reads sensitive data sent outside the VPN connection by the product.
### C.4.x TH-LEK: Attacker reads sensitive data sent outside the VPN connection by the product.

| Risk factors | Likelihood | Security profile |
|--------------|------------|------------------|
@@ -837,16 +805,12 @@ Requirements: CRYPT, NPII, LOGG
| DNC = 1      | Medium     | none             |
| DNC = 0      | Low        | none             |

_Table C.8_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| DAT = 2 & FUN = 2 | High   | SP-3             |
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.9_

Requirements that mitigate this threat: ROUT, CONF, DNSL, IPv6, CRYPT

Mitigations for Likelihood:
@@ -861,24 +825,20 @@ Mitigations for Impact:

* High to Low: NPII-\*, NPII- LOGG

**[TH-PLAIN]:** Transmitting data in the clear
### C.4.x TH-PLN: Transmitting data in the clear

| Risk factors       | Likelihood | Security profile |
|------------------|------------|------------------|
|--------------------|------------|------------------|
| CFG = 2 or ADM = 2 | High       | SP-\*            |
| CFG = 1            | Medium     | none             |
| CFG = 0            | Low        | none             |

_Table C.10_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| DAT = 2 & FUN = 2 | High   | SP-3             |
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.11_

Requirements that mitigate this threat: CRYPT, SCDL, AUTH, ROUT, DNSL

Mitigations for Likelihood:
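Review bot: The context line `* High to Low: NPII-\*, NPII- LOGG` at the top of this hunk contains what looks like a truncated requirement ID (`NPII-` followed by a space). Since this commit is a formatting pass over the threats, fix it here, for example to `NPII-\*, LOGG` as in the TH-UEV section, if that is what was intended. The `TH-PLN` title "Transmitting data in the clear" also names no attacker action, unlike the other threat headings.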
@@ -893,7 +853,7 @@ Mitigations for Impact:

* High to Medium: CRYPT-\*, SCDL-\*, ROUT-\*, AUTH-\*

**[TH-UNAA]:** Someone is trying to login to your VPN 
### C.4.x TH-UNA: Someone is trying to login to your VPN

| Risk factors | Likelihood | Security profile |
|--------------|------------|------------------|
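Review bot: The `TH-UNA` heading "Someone is trying to login to your VPN" is written in the second person and does not state the threat the way the other headings do ("Attacker ..."); "login" used as a verb should be "log in". Suggest something like `TH-UNA: Attacker attempts unauthorised login to the VPN`.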
@@ -901,16 +861,12 @@ Mitigations for Impact:
| ADM = 1      | Medium     | none             |
| ADM = 0      | Low        | none             |

_Table C.12_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| DAT = 2 & FUN = 2 | High   | SP-3             |
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.13_

Requirements that mitigate this threat: AUTH, LOGG

Mitigations for Likelihood:
@@ -925,7 +881,7 @@ Mitigations for Impact:

* High to Medium: AUTH-\*, LOGG-\*

**[TH-LDEL]:** Attacker deletes local logs to hide activity
### C.4.x TH-LDEL: Attacker deletes local logs to hide activity

| Risk factors | Likelihood | Security profile |
|--------------|------------|------------------|
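Review bot: `TH-LDEL` keeps a four-letter ID while the other threats renamed in this commit were shortened to three letters (UEV, KEV, MTM, LEK, PLN, UNA). Shorten it to match, or state that mixed lengths are intended.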
@@ -933,16 +889,12 @@ Mitigations for Impact:
| ADM = 1      | Medium     | none             |
| ADM = 0      | Low        | none             |

_Table C.14_

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
| DAT = 2 & FUN = 2 | High   | SP-3             |
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.15_

Requirements that mitigate this threat: LOGG-\*

Mitigations for Likelihood:
@@ -957,15 +909,13 @@ Mitigations for Impact:

* High to Medium: LOGG-\*

**[TH-XXXX]:** 
### C.4.x TH-XXXX: DESCRIPTION

| Risk factors | Likelihood | Security profile |
|--------------|------------|------------------|
| DNC = 2      | High       | SP-\*            |
| DNC = 1      | Medium     | none             |
| DNC = 0      | Low        | none             |

_Table C.X_
|              | High       |                  |
|              | Medium     |                  |
|              | Low        |                  |

| Risk factors      | Impact | Security profile |
|-------------------|--------|------------------|
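Review bot: The template heading uses `TH-XXXX`, which suggests four-letter IDs, while the renames in this commit move real IDs to three letters; `TH-XXX` would match. The emptied likelihood rows are fine for a template, but a one-line note on which risk factors (CFG, ADM, DNC, DAT, FUN) may appear in the first column would help whoever fills it in.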
@@ -973,8 +923,6 @@ _Table C.X_
| all others        | Medium | SP-2, SP-4       |
| DAT = 0 & FUN = 0 | Low    | SP-1             |

_Table C.X_

Requirements that mitigate this threat: 

Mitigations for Likelihood: