CAPEC Details
Name Interface Manipulation
Likelyhood of attack Typical severity
Medium Medium
Summary An adversary manipulates the use or processing of an interface (e.g. Application Programming Interface (API) or System-on-Chip (SoC)) resulting in an adverse impact upon the security of the system implementing the interface. This can allow the adversary to bypass access control and/or execute functionality not intended by the interface implementation, possibly compromising the system which integrates the interface. Interface manipulation can take on a number of forms including forcing the unexpected use of an interface or the use of an interface in an unintended way.
Prerequisites The target system must expose interface functionality in a manner that can be discovered and manipulated by an adversary. This may require reverse engineering the interface or decrypting/de-obfuscating client-server exchanges.
Related Weaknesses
CWE ID Description
CWE-227 7PK - API Abuse
CWE-1192 System-on-Chip (SoC) Using Components without Unique, Immutable Identifiers