1. Home
  2. ATT&CK Techniques
  3. T1499.004 Application or System Exploitation

T1499.004 Application or System Exploitation Mappings

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users. (Citation: Sucuri BIND9 August 2015) Some systems may automatically restart critical applications and services when crashes occur, but they can likely be re-exploited to cause a persistent DoS condition.

View in MITRE ATT&CK®

NIST 800-53 Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
AC-3 Access Enforcement Protects T1499.004 Application or System Exploitation
AC-4 Information Flow Enforcement Protects T1499.004 Application or System Exploitation
CA-7 Continuous Monitoring Protects T1499.004 Application or System Exploitation
CM-6 Configuration Settings Protects T1499.004 Application or System Exploitation
CM-7 Least Functionality Protects T1499.004 Application or System Exploitation
SC-7 Boundary Protection Protects T1499.004 Application or System Exploitation
SI-10 Information Input Validation Protects T1499.004 Application or System Exploitation
SI-15 Information Output Filtering Protects T1499.004 Application or System Exploitation
SI-4 System Monitoring Protects T1499.004 Application or System Exploitation

Azure Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
azure_private_link Azure Private Link technique_scores T1499.004 Application or System Exploitation
azure_automation_update_management Azure Automation Update Management technique_scores T1499.004 Application or System Exploitation
Comments
This control provides significant protection against Denial of Service (DOS) attacks that leverage system/application vulnerabilities as opposed to volumetric attacks since it enables automated updates of software and rapid configuration change management.
References