1. Home
  2. ATT&CK Techniques
  3. T1204.001 Malicious Link

T1204.001 Malicious Link Mappings

An adversary may rely upon a user clicking a malicious link in order to gain execution. Users may be subjected to social engineering to get them to click on a link that will lead to code execution. This user action will typically be observed as follow-on behavior from Spearphishing Link. Clicking on a link may also lead to other execution techniques such as exploitation of a browser or application vulnerability via Exploitation for Client Execution. Links may also lead users to download files that require execution via Malicious File.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-4 Information Flow Enforcement Protects T1204.001 Malicious Link
CA-7 Continuous Monitoring Protects T1204.001 Malicious Link
CM-2 Baseline Configuration Protects T1204.001 Malicious Link
CM-6 Configuration Settings Protects T1204.001 Malicious Link
CM-7 Least Functionality Protects T1204.001 Malicious Link
SC-44 Detonation Chambers Protects T1204.001 Malicious Link
SC-7 Boundary Protection Protects T1204.001 Malicious Link
SI-2 Flaw Remediation Protects T1204.001 Malicious Link
SI-3 Malicious Code Protection Protects T1204.001 Malicious Link
SI-4 System Monitoring Protects T1204.001 Malicious Link
SI-8 Spam Protection Protects T1204.001 Malicious Link
CVE-2019-16009 Cisco IOS 12.2(15)B exploitation_technique T1204.001 Malicious Link
CVE-2019-1941 Cisco Identity Services Engine Software exploitation_technique T1204.001 Malicious Link
CVE-2019-1838 Cisco Application Policy Infrastructure Controller (APIC) exploitation_technique T1204.001 Malicious Link
CVE-2020-3233 Cisco IOx exploitation_technique T1204.001 Malicious Link
CVE-2018-15401 Cisco Hosted Collaboration Mediation Fulfillment exploitation_technique T1204.001 Malicious Link
CVE-2020-3137 Cisco Email Security Appliance (ESA) exploitation_technique T1204.001 Malicious Link
CVE-2019-1857 Cisco HyperFlex HX-Series exploitation_technique T1204.001 Malicious Link
CVE-2019-1764 Cisco Wireless IP Phone 8821 and 8821-EX exploitation_technique T1204.001 Malicious Link
CVE-2019-1665 Cisco HyperFlex HX-Series exploitation_technique T1204.001 Malicious Link
CVE-2019-15994 Cisco Stealthwatch Enterprise exploitation_technique T1204.001 Malicious Link
CVE-2018-15393 Cisco Content Security Management Appliance (SMA) exploitation_technique T1204.001 Malicious Link
CVE-2020-3121 Cisco 550X Series Stackable Managed Switches exploitation_technique T1204.001 Malicious Link
CVE-2020-3356 Cisco Data Center Network Manager exploitation_technique T1204.001 Malicious Link
CVE-2020-3349 Cisco Data Center Network Manager exploitation_technique T1204.001 Malicious Link
CVE-2019-3754 Unity Operating Environment exploitation_technique T1204.001 Malicious Link
CVE-2020-5336 RSA Archer exploitation_technique T1204.001 Malicious Link
CVE-2019-3708 Dell EMC IsilonSD Management Server exploitation_technique T1204.001 Malicious Link
CVE-2020-5269 PrestaShop exploitation_technique T1204.001 Malicious Link
CVE-2020-11030 WordPress exploitation_technique T1204.001 Malicious Link
CVE-2020-11023 jQuery exploitation_technique T1204.001 Malicious Link
CVE-2020-15182 soycms exploitation_technique T1204.001 Malicious Link
CVE-2020-5264 PrestaShop exploitation_technique T1204.001 Malicious Link
CVE-2020-11082 Kaminari exploitation_technique T1204.001 Malicious Link
CVE-2020-5271 PrestaShop exploitation_technique T1204.001 Malicious Link
CVE-2019-13511 Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier exploitation_technique T1204.001 Malicious Link
CVE-2020-12038 EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software exploitation_technique T1204.001 Malicious Link
CVE-2016-3714 n/a uncategorized T1204.001 Malicious Link
CVE-2015-0071 n/a uncategorized T1204.001 Malicious Link
action.malware.variety.Unknown Unknown related-to T1204.001 User Execution: Malicious Link
action.malware.vector.Email link Email via embedded link. Child of 'Email' related-to T1204.001 User Execution: Malicious Link
action.social.variety.Phishing Phishing (or any type of *ishing) related-to T1204.001 User Execution: Malicious Link