A trapdoor is a hidden piece of code that responds to a special input, allowing its user access to resources without passing through the normal security enforcement mechanism.
Common Consequences (1)

Scope: Confidentiality, Integrity, Availability, Access Control
Impact: Execute Unauthorized Code or Commands; Bypass Protection Mechanism
Detection Methods (6)

Automated Static Analysis - Binary or Bytecode (Effectiveness: SOAR Partial)
According to SOAR [REF-1479], the following detection techniques may be useful:
Cost effective for partial coverage:
- Inter-application Flow Analysis
- Binary / Bytecode simple extractor - strings, ELF readers, etc.

Manual Static Analysis - Binary or Bytecode (Effectiveness: SOAR Partial)
According to SOAR [REF-1479], the following detection techniques may be useful:
Cost effective for partial coverage:
- Binary / Bytecode disassembler - then use manual analysis for vulnerabilities & anomalies
- Generated Code Inspection

Dynamic Analysis with Manual Results Interpretation (Effectiveness: SOAR Partial)
According to SOAR [REF-1479], the following detection techniques may be useful:
Cost effective for partial coverage:
- Automated Monitored Execution
- Forced Path Execution
- Debugger
- Monitored Virtual Environment - run potentially malicious code in sandbox / wrapper / virtual machine, see if it does anything suspicious

Manual Static Analysis - Source Code (Effectiveness: High)
According to SOAR [REF-1479], the following detection techniques may be useful:
Highly cost effective:
- Manual Source Code Review (not inspections)
Cost effective for partial coverage:
- Focused Manual Spotcheck - Focused manual analysis of source

Automated Static Analysis - Source Code (Effectiveness: SOAR Partial)
According to SOAR [REF-1479], the following detection techniques may be useful:
Cost effective for partial coverage:
- Context-configured Source Code Weakness Analyzer

Architecture or Design Review (Effectiveness: High)
According to SOAR [REF-1479], the following detection techniques may be useful:
Highly cost effective:
- Inspection (IEEE 1028 standard) (can apply to requirements, design, source code, etc.)
Cost effective for partial coverage:
- Formal Methods / Correct-By-Construction
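As an added example (not part of the CWE entry or of SOAR), the following Python script shows the kind of focused spot check that a context-configured source code weakness analyzer, or a reviewer doing a manual spot check, would run over authentication code: it flags `if` branches in which a comparison against a string literal leads directly to `return True`, the shape a trapdoor takes when a special input bypasses the normal credential check. The source it scans (`SAMPLE_SOURCE`) is constructed here for illustration and is not from any real project; `find_literal_gates` and the `Finding` type are names assumed by this example.

```python
"""Spot-check for literal-gated access paths in authentication code (added example)."""
import ast
from dataclasses import dataclass
from typing import List

# Constructed sample, not from any real project: a login routine that contains
# a hidden "special input" path next to the normal credential check.
# (hash_password is never called; the text is only parsed, not executed.)
SAMPLE_SOURCE = '''
import hmac

def verify_password(username, password, store):
    record = store.get(username)
    if record is None:
        return False
    return hmac.compare_digest(record["hash"], hash_password(password, record["salt"]))

def authenticate(username, password, store):
    if username == "svc_maint" and password == "xyzzy-override":
        return True
    return verify_password(username, password, store)
'''


@dataclass(frozen=True)
class Finding:
    function: str
    lineno: int
    literals: tuple  # string constants the gating condition compares against


def _string_literals(node: ast.AST) -> List[str]:
    """Collect string constants used as operands of == / != comparisons."""
    found = []
    for sub in ast.walk(node):
        if isinstance(sub, ast.Compare) and any(
            isinstance(op, (ast.Eq, ast.NotEq)) for op in sub.ops
        ):
            for operand in [sub.left, *sub.comparators]:
                if isinstance(operand, ast.Constant) and isinstance(operand.value, str):
                    found.append(operand.value)
    return found


def _grants_access(body: List[ast.stmt]) -> bool:
    """True if the branch body returns the constant True unconditionally."""
    for stmt in body:
        if (
            isinstance(stmt, ast.Return)
            and isinstance(stmt.value, ast.Constant)
            and stmt.value.value is True
        ):
            return True
    return False


def find_literal_gates(source: str) -> List[Finding]:
    """Flag `if` branches that grant access when an input equals a string literal."""
    tree = ast.parse(source)
    findings = []
    for func in ast.walk(tree):
        if not isinstance(func, ast.FunctionDef):
            continue
        for node in ast.walk(func):
            if isinstance(node, ast.If):
                literals = _string_literals(node.test)
                if literals and _grants_access(node.body):
                    findings.append(Finding(func.name, node.lineno, tuple(literals)))
    return findings


if __name__ == "__main__":
    for f in find_literal_gates(SAMPLE_SOURCE):
        print(f"{f.function}:{f.lineno} grants access on literal match: {f.literals}")
```

The check is deliberately narrow: it looks for the decision shape (literal comparison followed by an unconditional grant) rather than for any particular string, so it also surfaces a trapdoor whose literal is innocuous-looking. Hits still need manual review, which is why SOAR rates the automated source-code technique as partial coverage.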
Potential Mitigations (2)
Phase: Installation
Always verify the integrity of the software that is being installed.
Phase: Testing
Identify and closely inspect the conditions for entering privileged areas of the code, especially those related to authentication, process invocation, and network communications.
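The Installation-phase mitigation above, as an added example that is not part of the CWE entry: a Python routine that verifies the files about to be installed against a manifest of expected SHA-256 digests and reports modified, missing and unexpected files (an extra file dropped into a package is one way a trapdoor arrives). The manifest is assumed to come from the vendor over a channel whose authenticity has already been checked, for example a signed manifest; `verify_manifest`, `verify_directory` and the sample payloads are constructed for this example.

```python
"""Verify an installation payload against an expected-digest manifest (added example)."""
import hashlib
import hmac
from pathlib import Path
from typing import Dict, List


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_manifest(manifest: Dict[str, str], payload: Dict[str, bytes]) -> List[str]:
    """Return a sorted list of problems; an empty list means the payload matches exactly.

    manifest: relative path -> expected SHA-256 hex digest, taken from a vendor
              manifest whose own signature has already been verified (assumption).
    payload:  relative path -> contents of the file that is about to be installed.
    """
    problems = []
    for path, expected in manifest.items():
        data = payload.get(path)
        if data is None:
            problems.append(f"missing: {path}")
            continue
        # compare_digest is constant-time; here it mostly documents intent
        if not hmac.compare_digest(sha256_hex(data), expected.lower()):
            problems.append(f"modified: {path}")
    # Files the manifest does not list are as suspicious as altered ones.
    for path in payload:
        if path not in manifest:
            problems.append(f"unexpected: {path}")
    return sorted(problems)


def verify_directory(manifest: Dict[str, str], root: str) -> List[str]:
    """Run the same check against files on disk, with paths relative to `root`."""
    base = Path(root)
    payload = {
        p.relative_to(base).as_posix(): p.read_bytes()
        for p in base.rglob("*")
        if p.is_file()
    }
    return verify_manifest(manifest, payload)


# Constructed sample payload and manifest (not real software).
GOOD_PAYLOAD = {
    "bin/app": b"#!/bin/sh\necho app\n",
    "lib/auth.so": b"\x7fELF" + b"\x00" * 12,
}
MANIFEST = {path: sha256_hex(data) for path, data in GOOD_PAYLOAD.items()}

TAMPERED_PAYLOAD = {
    "bin/app": GOOD_PAYLOAD["bin/app"],
    "lib/auth.so": GOOD_PAYLOAD["lib/auth.so"] + b"\x90",  # altered library
    "lib/helper.so": b"\x7fELF" + b"\x00" * 12,  # file absent from the manifest
}

if __name__ == "__main__":
    print("clean payload:", verify_manifest(MANIFEST, GOOD_PAYLOAD) or "ok")
    print("tampered payload:", verify_manifest(MANIFEST, TAMPERED_PAYLOAD))
```

Digest comparison only tells you the payload is what the manifest says it is; the manifest itself has to be trusted through a signature or an out-of-band copy of its digest, otherwise an altered package can ship with an altered manifest.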
References (2)

Carl E. Landwehr, Alan R. Bull, John P. McDermott, and William S. Choi. "A Taxonomy of Computer Program Security Flaws, with Examples".