Home
ATT&CK Techniques
T1499.004 Application or System Exploitation

T1499.004 Application or System Exploitation Mappings

Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users. (Citation: Sucuri BIND9 August 2015) Some systems may automatically restart critical applications and services when crashes occur, but they can likely be re-exploited to cause a persistent DoS condition.

View in MITRE ATT&CK®

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
AC-3	Access Enforcement	Protects	T1499.004	Application or System Exploitation
AC-4	Information Flow Enforcement	Protects	T1499.004	Application or System Exploitation
CA-7	Continuous Monitoring	Protects	T1499.004	Application or System Exploitation
CM-6	Configuration Settings	Protects	T1499.004	Application or System Exploitation
CM-7	Least Functionality	Protects	T1499.004	Application or System Exploitation
SC-7	Boundary Protection	Protects	T1499.004	Application or System Exploitation
SI-10	Information Input Validation	Protects	T1499.004	Application or System Exploitation
SI-15	Information Output Filtering	Protects	T1499.004	Application or System Exploitation
SI-4	System Monitoring	Protects	T1499.004	Application or System Exploitation
CVE-2020-3292	Cisco Small Business RV Series Router Firmware	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-1594	Nexus 1000V Switch for VMware vSphere	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-15289	Cisco TelePresence TC Software	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-3407	Cisco IOS XE Software	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-15376	Cisco IOS Software	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-15276	Cisco Wireless LAN Controller (WLC)	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-1746	Cisco IOS and IOS XE Software	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-3397	Cisco NX-OS Software	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-3322	Cisco Webex Network Recording Player	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-3198	Cisco IOS 12.2(60)EZ16	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-3510	Cisco IOS XE Software	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-3409	Cisco IOS	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-15392	Cisco Industrial Network Director	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-11048	Data Protection Advisor	secondary_impact	T1499.004	Application or System Exploitation
CVE-2020-5210	NetHack	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-15100	freewvs	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-11090	Indy Node	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-11019	FreeRDP	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-15137	HoRNDIS	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-4068	APNSwift	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-15208	tensorflow	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-11039	FreeRDP	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-15199	tensorflow	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-11044	FreeRDP	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-11068	LoRaMac-node	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-5253	NetHack	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-7499	WebAccess	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-6522	Moxa IKS, EDS	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-10980	LCDS LAquis SCADA	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-6538	Medtronic Conexus Radio Frequency Telemetry Protocol	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-12038	EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-10610	LeviStudioU	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-14809	V-Server	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-10636	CNCSoft with ScreenEditor	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-7494	Delta Electronics WPLSoft	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-18987	n/a	secondary_impact	T1499.004	Application or System Exploitation
CVE-2020-10602	OSIsoft PI System multiple products and versions	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-0911	Internet Explorer 11	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-8355	ChakraCore	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-0671	Windows	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-0898	Windows	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-1118	Windows	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-1109	Windows	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-0576	Windows 7	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-1495	Microsoft SharePoint Server 2010 Service Pack 2	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-1425	Windows 10 Version 2004 for x64-based Systems	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-8248	Microsoft Office	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-8111	Microsoft Edge	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-1569	Microsoft Edge (EdgeHTML-based)	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-16874	Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-0609	Internet Explorer 11	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-8353	n/a	primary_impact	T1499.004	Application or System Exploitation
CVE-2018-8110	Microsoft Edge	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-1106	Microsoft Edge	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-1035	Microsoft Office	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-0926	Microsoft Edge	primary_impact	T1499.004	Application or System Exploitation
CVE-2019-1052	Microsoft Edge	primary_impact	T1499.004	Application or System Exploitation
CVE-2020-8649	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-12652	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-9804	macOS	uncategorized	T1499.004	Application or System Exploitation
CVE-2016-5180	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2015-4051	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-13125	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2014-7187	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2016-0034	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2015-7756	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2015-2426	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2019-8540	iOS	uncategorized	T1499.004	Application or System Exploitation
CVE-2019-0604	Microsoft SharePoint Server	uncategorized	T1499.004	Application or System Exploitation
CVE-2018-19207	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2014-3413	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2012-1675	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2011-4862	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2013-4335	opOpenSocialPlugin	uncategorized	T1499.004	Application or System Exploitation
CVE-2019-13510	Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier	uncategorized	T1499.004	Application or System Exploitation
CVE-2018-8414	Windows 10 Servers	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-8648	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-14059	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-12888	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-12655	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-11884	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-11668	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2019-16302	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2019-11869	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2018-21091	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2018-15454	Cisco Adaptive Security Appliance (ASA) Software	uncategorized	T1499.004	Application or System Exploitation
CVE-2018-14679	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2017-9142	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2017-10910	MQTT.js	uncategorized	T1499.004	Application or System Exploitation
CVE-2017-10810	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2011-1752	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-12653	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-11608	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2020-12769	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2013-4854	n/a	uncategorized	T1499.004	Application or System Exploitation
CVE-2017-14486	n/a	uncategorized	T1499.004	Application or System Exploitation
action.hacking.variety.DoS	Denial of service	related-to	T1499.004	Endpoint Denial of Service: Application or System Exploitation
action.malware.variety.DoS	DoS attack	related-to	T1499.004	Endpoint Denial of Service: Application or System Exploitation
aws_config	AWS Config	technique_scores	T1499.004	Application or System Exploitation