Enable memory protection mechanisms
Summary
The system should enable memory protection mechanisms, such as ASLR and DEP.
Description
ASLR and DEP help to mitigate buffer overflow attacks, a common method used by attackers to exploit vulnerabilities in software. Buffer overflows consist in injecting malicious code into a program's memory, and ASLR and DEP mechanisms make it harder for attackers to predict the location of specific memory regions.
References
- CAPEC-123. Buffer manipulation
- CAPEC-679. Exploitation of Improperly Configured or Implemented Memory Protections
- MITRE-M1029. Remote data storage
- MITRE-M1034. Limit hardware installation
- PDPO-9A_66G. Powers exercisable in relation to premises and electronic devices
- CMMC-MP_L2-3_8_1. Media protection
- ISO27002-7_10. Storage media
- ISO27002-8_1. User endpoint devices
- ASVS-8_3_6. Sensitive private data
- ISO27001-7_10. Storage media
- ISO27001-8_1. User endpoint devices
- CASA-8_3_6. Sensitive Private Data
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.