| Embedding Scripts within Scripts |
|
| Malicious Logic Insertion |
|
| Modification of Windows Service Configuration |
|
| Malicious Root Certificate |
|
| Intent Spoof |
|
| WebView Exposure |
|
| Data Injected During Configuration |
|
| Incomplete Data Deletion in a Multi-Tenant Environment |
|
CWE-284
|
Improper Access Control
|
|
CWE-1266
|
Improper Scrubbing of Sensitive Data from Decommissioned Device
|
|
CWE-1272
|
Sensitive Information Uncleared Before Debug/Power State Transition
|
|
| Install New Service |
|
| Modify Existing Service |
|
CWE-284
|
Improper Access Control
|
|
CWE-522
|
Insufficiently Protected Credentials
|
|
| Install Rootkit |
|
| Replace File Extension Handlers |
|
| Replace Trusted Executable |
|
| Modify Shared File |
|
| Add Malicious File to Shared Webroot |
|
| Run Software at Logon |
|
| Disable Security Software |
|