| ID | Name |
|---|---|
| T2033.001 | Code Signing |
| T2033.002 | UDS Security Access |
Adversaries may exploit code signing to bypass security measures and execute unauthorized code within vehicle systems. When updating the system, the update progress may verify if the update image is valid. Adversaries might exploit the update progress and bypass the validation check.
This technique allows adversaries to sign their malicious code with a trusted or forged digital signature, making it appear legitimate to the system. For example, adversaries could use a compromised or stolen code-signing certificate to sign their malicious code, tricking the system into thinking it is from a trusted source. This can enable them to evade detection and execute unauthorized commands or software within the vehicle's systems.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.