Exploitation of Backend Remote Services

Adversaries may exploit backend remote services to gain unauthorized access to backend service once inside of the vehicle. Exploitation of a software vulnerability occurs when an adversary takes advantage of a programming error in a program, service, or within the operating system software or kernel itself to execute adversary-controlled code. A common goal for post-compromise exploitation of remote services is for lateral movement to enable access to a remote system.

These backend services, while providing necessary functionality, can become targets for adversaries once initial access has been gained, for instance through a compromised infotainment system. Adversaries can then move laterally to more sensitive systems, such as those involved in vehicle control. They may exploit vulnerabilities in these services to gain unauthorized access, allowing them to issue commands or compromise other connected components within the backend network.

ID: T2051
Sub-techniques:  No sub-techniques
Version: 1.0
Created: 03 December 2023
Last Modified: 03 December 2023

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.