Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users. (Citation: Sucuri BIND9 August 2015) Some systems may automatically restart critical applications and services when crashes occur, but they can likely be re-exploited to cause a persistent denial of service (DoS) condition.
Adversaries may exploit known or zero-day vulnerabilities to crash applications and/or systems, which may also lead to dependent applications and/or systems to be in a DoS condition. Crashed or restarted applications or systems may also have other effects such as Data Destruction, Firmware Corruption, Service Stop etc. which may further cause a DoS condition and deny availability to critical information, applications and/or systems.
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| AC-03 | Access Enforcement | Protects | T1499.004 | Application or System Exploitation |
| AC-04 | Information Flow Enforcement | Protects | T1499.004 | Application or System Exploitation |
| CA-07 | Continuous Monitoring | Protects | T1499.004 | Application or System Exploitation |
| CM-06 | Configuration Settings | Protects | T1499.004 | Application or System Exploitation |
| CM-07 | Least Functionality | Protects | T1499.004 | Application or System Exploitation |
| SC-07 | Boundary Protection | Protects | T1499.004 | Application or System Exploitation |
| SI-10 | Information Input Validation | Protects | T1499.004 | Application or System Exploitation |
| SI-15 | Information Output Filtering | Protects | T1499.004 | Application or System Exploitation |
| SI-04 | System Monitoring | Protects | T1499.004 | Application or System Exploitation |