SPC-18 · Mobile Threat Catalogue
Archived: 2026-04-05 18:14:06 UTC
Mobile Threat Catalogue
Subassembly Malware
Contribute
Threat Category: Supply Chain
ID: SPC-18
Threat Description: An adversary with access to software being integrated into a system during a subassembly
manufacturing process can embed malware into a sub-assembly.
1
Threat Origin
Supply Chain Attack Framework and Attack Patterns 1
Exploit Examples
CVE Examples
Possible Countermeasures
References
1. J.F. Miller, “Supply Chain Attack Framework and Attack Patterns”, tech. report, MITRE, Dec. 2013;
www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf ↩ ↩2
Source: https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-18.html
https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-18.html
Page 1 of 1