Commit 49f1a183 authored by Valerie Aurora (Bow Shock)

Merge DOS via vulnerability into KEVU

parent b8020f25
+5 −27
@@ -1961,7 +1961,7 @@ Attacker may use known exploitable vulnerabilities in the product implementation
| max(PPII, SNDS, SNDT, SENF) = 1 | Medium | IoT-2, IoT-3                                                         |
| max(PPII, SNDS, SNDT, SENF) = 2 | High   | WE-2, RO-1, IoT-3, WE-1, PC-\*, LA-1, PS-1, OT-1, MOB-1, LA-2, SE-\* |

Requirements that mitigate this threat: NKEV, SSDD, MIME, LMII, SCUD, LMAS, DMIN, LOGG, VULH
Requirements that mitigate this threat: NKEV, SSDD, MIME, LMII, SCUD, LMAS, DMIN, AVAI, LOGG, VULH

All mitigations from TH-UEVU apply (using that requirement's risk formula), in addition to:
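Review bot: AVAI is added to the TH-KEVU requirement list here, but the threat description quoted in the hunk header ("Attacker may use known exploitable vulnerabilities in the product implementation ...") is not among the commit's five added lines, so the threat text still does not mention reduced availability. Suggest adding a sentence on availability to the TH-KEVU description so a reader can tell why AVAI and the WDOG impact mitigation now belong to this threat.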

@@ -1971,6 +1971,10 @@ Mitigations for Likelihood:

* High to Low: KEVD, KEVA, (KEVT or SCAN), KEVM, (SUAP or SUAO), VULH

Mitigations for Impact:

* High to Low: WDOG

#### C.4.3.3 TH-CONF: Access to assets via configuration errors

Attacker may use configuration errors to get unauthorized access to the product assets.
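Review bot: The new "Mitigations for Impact" block carries over only "High to Low: WDOG", whereas the removed TH-AVAI section had "Medium to Low: (NTFY or WDOG)" and "High to Low: NTFY, WDOG". As merged, NTFY disappears entirely, a Medium impact has no listed path to Low, and High to Low now needs WDOG alone instead of both requirements. If that weakening is intended, say so in the commit message; otherwise carry both rules over unchanged.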
@@ -2031,32 +2035,6 @@ Mitigations for Impact:

* High to Low: DJST

#### C.4.3.5 TH-AVAI: Denial of service attack on product via exploitation of vulnerabilities

Attacker may exploit vulnerabilities in the product to reduce availability of product assets.

| Risk factors                                 | Likelihood | Security profiles            |
|----------------------------------------------|------------|------------------------------|
| max(PHY, SFT, NET) = 0 or COM = 0 or ADM = 0 | Low        | WD-1                         |
| all others                                   | Medium     | WD-2, WD-3, WD-4, WL-1, VI-1 |
| max(PHY, SFT, NET) = 2 & COM = 2 & ADM = 2   | High       | WL-2, WL-3, VI-2             |

| Risk factors              | Impact | Security profiles       |
|---------------------------|--------|-------------------------|
| max(SNDS, SNDT, SENF) = 0 | Low    | none                    |
| max(SNDS, SNDT, SENF) = 1 | Medium | WD-1, WD-3, WL-\*, VI-1 |
| max(SNDS, SNDT, SENF) = 2 | High   | WD-2, WD-4, VI-2        |

Requirements that mitigate this threat: NKEV, AVAI, LMII, LMAS, LOGG, VULH

All mitigations for TH-KEVU apply (using that requirement's risk formula), plus:

Mitigations for Impact:

* Medium to Low: (NTFY or WDOG)

* High to Low: NTFY, WDOG

#### C.4.3.6 TH-PDOS: Denial of service attack on product functions via system or network access

Attacker may use host system or network access for a denial-of-service attack on product functions.
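Review bot: Removing C.4.3.5 leaves the following heading as "C.4.3.6 TH-PDOS" in the trailing context, so the section numbering now skips a number; renumber the later headings and check the rest of the document for remaining references to TH-AVAI. Also note that the removed impact table was keyed on max(SNDS, SNDT, SENF) while the TH-KEVU table it merges into uses max(PPII, SNDS, SNDT, SENF), and its security profiles (WD-\*, WL-\*, VI-\*) do not appear in the TH-KEVU rows, so confirm that the denial-of-service case is meant to be rated with the TH-KEVU factors and profiles.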