Threat Analysis::Rogue devices catch user input and send information to malicious person

Demo SmartLightSwitch / Threat Analysis / Rogue devices catch user input and send information to malicious person

Project:

Threat Analysis

Rogue devices catch user input and send information to malicious person : Public <<Risk>> Class

Created:	22.01.2024 12:43:27
Modified:	22.01.2024 12:44:45

Project:
Author:	Simon Eschlberger
Version:	1.0
Phase:	1.0
Status:	Proposed
Complexity:	Easy
Difficulty:
Priority:
Multiplicity:
Advanced:
UUID:	{D6061718-3977-4221-B044-F8E7FC61FD6C}
Appears In:	Threat Analysis, Risk Treatment

Associations To
Associations From
Advanced

Element	Source Role	Target Role
«Controlled Threat Scenario» Two factor authentication login process UseCase «handled in»	Name:	Name:
Details:
«Uncontrolled Threat Scenario» hacker gets remote access to configuration interface via internet by trying default credentials UseCase «emerging from»	Name:	Name:
Details:

Element	Source Role	Target Role
«Cybersecurity Requirement» Accessing the basic configuration interface requires valid credentials and the pressing of a button on the device during the login process Class «observe»	Name:	Name:
Details:
«Cybersecurity Requirement» Access to the configuration interface is only possible for authenticated users Class «observe»	Name:	Name:
Details:
«Cybersecurity Asset» Privacy concerns of user input Component «exposed to»	Name:	Name:
Details:

Property	Value
isFinalSpecialization:	0