Container Administration Command

Adversaries may abuse the Container Administration Command technique to gain unauthorized access to vehicle systems. As containers have become the standard in the automotive industry, they are vital in the software-defined vehicle architecture, providing flexibility and faster innovation. In this context, adversaries may use the Container Administration Command technique to execute arbitrary commands within containers, allowing them to manipulate critical vehicle functions.

This attack technique involves adversaries abusing the command and script interpreters within the container runtime to execute commands, scripts, or binaries. For example, adversaries may use the "docker exec" command to execute malicious scripts within a container, leading to unauthorized access and potential exploitation of vehicle systems.

ID: T2013
Sub-techniques:  No sub-techniques
Tactic: Execution
Version: 1.0
Created: 03 December 2023
Last Modified: 03 December 2023
ATT&CK Reference:  T1609

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.