SPC-19 · Mobile Threat Catalogue
Archived: 2026-04-06 00:46:48 UTC
Mobile Threat Catalogue
Component Substitution during Packaging or Distribution
Contribute
Threat Category: Supply Chain
ID: SPC-19
Threat Description: An adversary with access to critical components during packaging and distribution can
substitute a malicious component for a legitimate component.1
Threat Origin
Supply Chain Attack Framework and Attack Patterns 1
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
References
1. J.F. Miller, “Supply Chain Attack Framework and Attack Patterns”, tech. report, MITRE, Dec. 2013;
www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf ↩ ↩2
Source: https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-19.html
https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-19.html
Page 1 of 1