| Name |
Local Execution of Code |
|
| Likelyhood of attack |
Typical severity |
| Medium |
High |
|
| Summary |
An adversary installs and executes malicious code on the target system in an effort to achieve a negative technical impact. Examples include rootkits, ransomware, spyware, adware, and others. |
| Prerequisites |
Knowledge of the target system's vulnerabilities that can be capitalized on with malicious code.The adversary must be able to place the malicious code on the target system. |
| Solutions | Employ robust cybersecurity training for all employees. Implement system antivirus software that scans all attachments before opening them. Regularly patch all software. Execute all suspicious files in a sandbox environment. |
| Related Weaknesses |
|
CWE ID
|
Description
|
| CWE-829 |
Inclusion of Functionality from Untrusted Control Sphere |
|