Loading EN-304-625.md +23 −12 Original line number Diff line number Diff line Loading @@ -2010,22 +2010,33 @@ Mitigations for Impact: * High to Low: LOGG #### C.4.3.10 TH-AHHS: Harm to host system via unauthorized access through the network **[TH-AHHS]:** Attacker may use unauthorized access to the product to harm the host system. Attacker may use unauthorized access to the product through the network to harm the host system. | Risk factors | Likelihood | |-----------------------------------|------------| | max(PHY, SFT, NET) = 2 & COM > 1 | High | | max(PHY, SFT, NET) = 1 & COM > 1 | Medium | | max(PHY, SFT, NET) = 0 or COM = 0 | Low | _Note: If the attacker has physical or host system software access, they don't need to use the network device to harm the system._ | Risk factors | Impact | |-----------------------------|--------| | max(SDS, SDT, FUN, SYS) = 2 | High | | max(SDS, SDT, FUN, SYS) = 1 | Medium | | max(SDS, SDT, FUN, SYS) = 0 | Low | | Risk factors | Likelihood | Security profiles | |-------------------------------|------------|-------------------| | NET = 0 or COM = 0 or ADM = 0 | Low | WD-1, VI-1 | | all others | Medium | WD-4 | | NET = 2 & COM = 2 & ADM = 2 | High | WL-2, WL-3, VI-2 | | Risk factors | Impact | Security profiles | |--------------|--------|-------------------------------| | SYS = 0 | Low | none | | SYS = 1 | Medium | WD-1, WD-3, WL-1, VI-1 | | SYS = 2 | High | WD-2, WD-4, WL-2, WL-3, VI-2 | Requirements that mitigate this threat: NKEV, SSDD, LMII, SCUD, AUTH, LMAS, LOGG All mitigations from TH-KEVU apply, plus: Mitigations for Likelihood: * Medium to Low: AUTH Requirements: NKEV, SCUD, SSDD, LMII, LMAS, LOGG * High to Low: AUTH ### C.5.2 Mapping of use cases to risk factors and security profiles Loading Loading
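Review bot: The Security profiles column of the Likelihood table (the one keyed on NET, COM and ADM) covers fewer profiles than the same column of the Impact table: WD-2, WD-3 and WL-1 are given an impact under `SYS = 1` or `SYS = 2` but appear in no likelihood row, so their risk for TH-AHHS cannot be derived from the two tables together. Either add them to the row matching their NET/COM/ADM values or state that they are intentionally not rated for this threat. In the same table the `all others` row sits between the Low and High rows; moving it to the last row keeps a reader who evaluates the conditions top-down from matching the catch-all before reaching `NET = 2 & COM = 2 & ADM = 2`.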