hacker gets remote access to configuration interface via internet by trying default credentials

Demo SmartLightSwitch / Threat Analysis / hacker gets remote access to configuration interface via internet by trying default credentials

Project:

Threat Analysis

hacker gets remote access to configuration interface via internet by trying default credentials : Public <<Uncontrolled Threat Scenario>> UseCase

Created:	22.01.2024 12:34:00
Modified:	22.01.2024 12:45:16

Project:
Author:	Simon Eschlberger
Version:	1.0
Phase:	1.0
Status:	Proposed
Complexity:	Easy
Difficulty:
Priority:
Multiplicity:
Advanced:
UUID:	{B0C824A1-C90D-49ee-9630-84ED454DA1B4}
Appears In:	Threat Analysis, Impact Analysis

Associations To
Associations From
Advanced

Element	Source Role	Target Role
«Damage Scenario» Compromisation of user privacy of switch toggle actions UseCase «leads to»	Name:	Name:
Details:

Element	Source Role	Target Role
«Cybersecurity Asset» Integrity of stored configuration data Component «compromised by»	Name:	Name:
Details:
«Vulnerability» Unchanged general default credentials for configuration interface Class «involved in»	Name:	Name:
Details:
«Cybersecurity Asset» Privacy concerns of user input Component «compromised by»	Name:	Name:
Details:
«Risk» System sabotage by unauthorized removal of registered devices Class «emerging from»	Name:	Name:
Details:
«Risk» Rogue devices catch user input and send information to malicious person Class «emerging from»	Name:	Name:
Details:
«Threat Actor» Johnny Ripperson Actor «involved in»	Name:	Name:
Details:

Property	Value
isFinalSpecialization:	0