🇬🇧 Integration of Untrusted Software
🇬🇧 Integration of Untrusted Software
محتويات التنبيه:
معلومات :
| المرجع | CERTFR-2022-CTI-007 |
| العنوان | 🇬🇧 Integration of Untrusted Software |
| تاريخ الاصدار الأول | 07 décembre 2022 |
| تاريخ أخر تحديث | 07 décembre 2022 |
| المصادر | |
| المرفقات | Aucune(s) |
المخاطر:
الأنظمة المثأثرة:
ملخص الثغرة:
الحلول من هده الثغرة:
Regulatory frameworks of some countries may require companies operating in their territory to use specific software. While their integration does not usually present any technical concern, such software can be used by adversaries as an entry point to a computer network. The revelation in June 2020 of backdoor-like functionalities in certain versions of software required by Chinese regulations, as well as the NotPetya supply chain attack in 2017, illustrate the security issues posed by the integration of untrusted software.
المصادر: