Loading EN-304-626.md +7 −7 Original line number Diff line number Diff line Loading @@ -1827,10 +1827,10 @@ The risk factors by type are: Attacker may use unknown exploitable vulnerabilities in the product implementation to get unauthorized access to product assets. | Risk factors | Likelihood | Security profiles | |---------------------------------------------------|------------|----------------------------------------------| | max(NUSR, CUSR, DATA, PHYS, TNET, FNET, UEIN) = 0 | Low | LR, IoT-1 | | max(NUSR, CUSR, DATA, PHYS, TNET, FNET, UEIN) = 1 | Medium | IoT-2, IoT-3, WE-1 | | max(NUSR, CUSR, DATA, PHYS, TNET, FNET, UEIN) = 2 | High | RO-1, OT-1, MOB-1, PC-\*, LA-\*, PS-1, SE-\* | |-------------------------------------------------|------------|----------------------------------------------------| | max(NUSR, CUSR, DATA, PHYS, FNET) = 0 or SA-LOW | Low | LR, IoT-1 | | all others | Medium | IoT-2, IoT-3, WE-1, RO-1, OT-1, PC-\*, PS-1, SE-\* | | max(NUSR, CUSR, DATA, PHYS, FNET) = 2 & SA-HIGH | High | MOB-1, LA-\* | | Risk factors | Impact | Security profiles | |---------------------------------|--------|----------------------------------------------------------------------| Loading @@ -1842,9 +1842,9 @@ Requirements that mitigate this threat: SSDD, MSAF, LMII, LMAS, DMIN, LOGG Mitigations for Likelihood: * Medium to Low: SSCA, SCFS, MMAC, ADEF, PDDI-\* * Medium to Low: SSCA, SCFS, MMAC, ADEF, PDDI-2 if CUSR = 2, PDDI-3 if if FNET = 2 * High to Low: SSCA, MMAC, (FZ95 or BTIN or IMSL), SCFS, (PMSC or TRMD), ASLR, MSAF-\*, MZRO-\*, MRWX-\*, NKAM, PLLC, MRCO, ADEF, PDDI-\*, DJST, JSTY * High to Low: SSCA, MMAC, (FZ95 or BTIN or IMSL), SCFS, ASLR, MSAF-\*, MZRO-\*, MRWX-\*, NKAM, PLLC, MRCO, ADEF, PDDI-\*, DJST, JSTY Mitigations for Impact: Loading Loading
EN-304-626.md +7 −7 Original line number Diff line number Diff line Loading @@ -1827,10 +1827,10 @@ The risk factors by type are: Attacker may use unknown exploitable vulnerabilities in the product implementation to get unauthorized access to product assets. | Risk factors | Likelihood | Security profiles | |---------------------------------------------------|------------|----------------------------------------------| | max(NUSR, CUSR, DATA, PHYS, TNET, FNET, UEIN) = 0 | Low | LR, IoT-1 | | max(NUSR, CUSR, DATA, PHYS, TNET, FNET, UEIN) = 1 | Medium | IoT-2, IoT-3, WE-1 | | max(NUSR, CUSR, DATA, PHYS, TNET, FNET, UEIN) = 2 | High | RO-1, OT-1, MOB-1, PC-\*, LA-\*, PS-1, SE-\* | |-------------------------------------------------|------------|----------------------------------------------------| | max(NUSR, CUSR, DATA, PHYS, FNET) = 0 or SA-LOW | Low | LR, IoT-1 | | all others | Medium | IoT-2, IoT-3, WE-1, RO-1, OT-1, PC-\*, PS-1, SE-\* | | max(NUSR, CUSR, DATA, PHYS, FNET) = 2 & SA-HIGH | High | MOB-1, LA-\* | | Risk factors | Impact | Security profiles | |---------------------------------|--------|----------------------------------------------------------------------| Loading @@ -1842,9 +1842,9 @@ Requirements that mitigate this threat: SSDD, MSAF, LMII, LMAS, DMIN, LOGG Mitigations for Likelihood: * Medium to Low: SSCA, SCFS, MMAC, ADEF, PDDI-\* * Medium to Low: SSCA, SCFS, MMAC, ADEF, PDDI-2 if CUSR = 2, PDDI-3 if if FNET = 2 * High to Low: SSCA, MMAC, (FZ95 or BTIN or IMSL), SCFS, (PMSC or TRMD), ASLR, MSAF-\*, MZRO-\*, MRWX-\*, NKAM, PLLC, MRCO, ADEF, PDDI-\*, DJST, JSTY * High to Low: SSCA, MMAC, (FZ95 or BTIN or IMSL), SCFS, ASLR, MSAF-\*, MZRO-\*, MRWX-\*, NKAM, PLLC, MRCO, ADEF, PDDI-\*, DJST, JSTY Mitigations for Impact: Loading
