Secure Connection Attack

Description

Secure Connection Attack

Risk Assesment: 5.4

CWE

290

757

CVE

10135

Attack Surfaces

Controller Implementation (MITRE EMB3D PID-11)

Session (MITRE EMB3D PID-41)

Authentication

Attack Vectors

Entropy downgrade (MITRE EMB3D TID-411)

Entropy downgrade (MITRE EMB3D TID-411)

Key brute force (MITRE EMB3D TID-317)

Authentication skip (MITRE EMB3D TID-411)

Authentication role switch

Authentication challenge reflection (MITRE EMB3D TID-221)

Defenses

Mutually authenticated session, Pairing key authentication