CVE: CVE-2008-3438

Export to Word

Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

S9 – Sabotage of System/App

EPSS

Score: 0.0043
Percentile: 0.61697

CVSS Scoring

CVSS v3.1 Score: 8.1

Severity: HIGH

Mapped CWE(s)

CWE-494 : Download of Code Without Integrity Check

All CAPEC(s)

CAPEC-184: Software Integrity Attack
CAPEC-185: Malicious Software Download
CAPEC-186: Malicious Software Update
CAPEC-187: Malicious Automated Software Update via Redirection
CAPEC-533: Malicious Manual Software Update
CAPEC-538: Open-Source Library Manipulation
CAPEC-657: Malicious Automated Software Update via Spoofing
CAPEC-662: Adversary in the Browser (AiTB)
CAPEC-691: Spoof Open-Source Software Metadata
CAPEC-692: Spoof Version Control System Commit Metadata
CAPEC-693: StarJacking
CAPEC-695: Repo Jacking

CAPEC(s) with Mapped TTPs

CAPEC-186: Malicious Software Update
Mapped TTPs:
- T1195.002 : Compromise Software Supply Chain
CAPEC-187: Malicious Automated Software Update via Redirection
Mapped TTPs:
- T1072 : Software Deployment Tools
CAPEC-538: Open-Source Library Manipulation
Mapped TTPs:
- T1195.001 : Compromise Software Dependencies and Development Tools
CAPEC-657: Malicious Automated Software Update via Spoofing
Mapped TTPs:
- T1072 : Software Deployment Tools
CAPEC-662: Adversary in the Browser (AiTB)
Mapped TTPs:
- T1185 : Browser Session Hijacking
CAPEC-691: Spoof Open-Source Software Metadata
Mapped TTPs:
- T1195.001 : Compromise Software Dependencies and Development Tools
- T1195.002 : Compromise Software Supply Chain
CAPEC-695: Repo Jacking
Mapped TTPs:
- T1195.001 : Compromise Software Dependencies and Development Tools

Mapped ATT&CK TTPs

T1195.002 : Compromise Software Supply Chain
Kill Chain: initial-access
T1072 : Software Deployment Tools
Kill Chain: execution
T1195.001 : Compromise Software Dependencies and Development Tools
Kill Chain: initial-access
T1072 : Software Deployment Tools
Kill Chain: execution
T1185 : Browser Session Hijacking
Kill Chain: collection
T1195.001 : Compromise Software Dependencies and Development Tools
Kill Chain: initial-access
T1195.002 : Compromise Software Supply Chain
Kill Chain: initial-access
T1195.001 : Compromise Software Dependencies and Development Tools
Kill Chain: initial-access

Malware

APTs Threat Group Associations

Campaigns

SolarWinds Compromise
C0018

Affected Products

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

← Back to Home