CVE: CVE-2002-0671

Export to Word

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00509
Percentile: 0.65362

CVSS Scoring

CVSS v3.1 Score: 9.8

Severity: CRITICAL

Mapped CWE(s)

CWE-494 : Download of Code Without Integrity Check

All CAPEC(s)

CAPEC-184: Software Integrity Attack
CAPEC-185: Malicious Software Download
CAPEC-186: Malicious Software Update
CAPEC-187: Malicious Automated Software Update via Redirection
CAPEC-533: Malicious Manual Software Update
CAPEC-538: Open-Source Library Manipulation
CAPEC-657: Malicious Automated Software Update via Spoofing
CAPEC-662: Adversary in the Browser (AiTB)
CAPEC-691: Spoof Open-Source Software Metadata
CAPEC-692: Spoof Version Control System Commit Metadata
CAPEC-693: StarJacking
CAPEC-695: Repo Jacking

CAPEC(s) with Mapped TTPs

CAPEC-186: Malicious Software Update
Mapped TTPs:
- T1195.002 : Compromise Software Supply Chain
CAPEC-187: Malicious Automated Software Update via Redirection
Mapped TTPs:
- T1072 : Software Deployment Tools
CAPEC-538: Open-Source Library Manipulation
Mapped TTPs:
- T1195.001 : Compromise Software Dependencies and Development Tools
CAPEC-657: Malicious Automated Software Update via Spoofing
Mapped TTPs:
- T1072 : Software Deployment Tools
CAPEC-662: Adversary in the Browser (AiTB)
Mapped TTPs:
- T1185 : Browser Session Hijacking
CAPEC-691: Spoof Open-Source Software Metadata
Mapped TTPs:
- T1195.001 : Compromise Software Dependencies and Development Tools
- T1195.002 : Compromise Software Supply Chain
CAPEC-695: Repo Jacking
Mapped TTPs:
- T1195.001 : Compromise Software Dependencies and Development Tools

Mapped ATT&CK TTPs

T1195.002 : Compromise Software Supply Chain
Kill Chain: initial-access
T1072 : Software Deployment Tools
Kill Chain: execution
T1195.001 : Compromise Software Dependencies and Development Tools
Kill Chain: initial-access
T1072 : Software Deployment Tools
Kill Chain: execution
T1185 : Browser Session Hijacking
Kill Chain: collection
T1195.001 : Compromise Software Dependencies and Development Tools
Kill Chain: initial-access
T1195.002 : Compromise Software Supply Chain
Kill Chain: initial-access
T1195.001 : Compromise Software Dependencies and Development Tools
Kill Chain: initial-access

Malware

APTs Threat Group Associations

Campaigns

SolarWinds Compromise
C0018

Affected Products

cpe:2.3:o:pingtel:xpressa_firmware:1.2.5:*:*:*:*:*:*:*
cpe:2.3:o:pingtel:xpressa_firmware:1.2.7.4:*:*:*:*:*:*:*

← Back to Home