Home/CAPEC/Pull Data from System Resources
Attack Pattern

Pull Data from System Resources

CAPEC-545 · Standard · Draft
An adversary who is authorized or has the ability to search known system resources, does so with the intention of gathering useful information. System resources include files, memory, and other aspects of the target system. In this pattern of attack, the adversary does not necessarily know what they are going to find when they start pulling data. This is different than CAPEC-150 where the adversary knows what they are looking for due to the common location.

Targets These Weaknesses (CWE)

8
The underlying weaknesses this attack pattern exploits. Follow into a CWE to see affected CVEs and its relationship tree.
CWE-1239Improper Zeroization of Hardware Register
CWE-1243Sensitive Non-Volatile Information Not Protected During Debug
CWE-1258Exposure of Sensitive System Information Due to Uncleared Debug Information
CWE-1266Improper Scrubbing of Sensitive Data from Decommissioned Device
CWE-1272Sensitive Information Uncleared Before Debug/Power State Transition
CWE-1278Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques
CWE-1323Improper Management of Sensitive Trace Data
CWE-1330Remanent Data Readable after Memory Erase
External lookups - second-class, for what we don’t hold ourselves
MITRE CAPEC
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin