104 – USB flash drive attacks
Description
It is possible to connect USB flash drives containing viruses to a corporate machine. This could allow an attacker to infect it with malicious software.
Impact
Infect machines with malware.
Recommendation
- Set physical access controls to avoid the connection of unauthorized peripheral devices. - Install the proper security suite on the workstations that mitigates the risk of malicious code infection.
Threat
Unauthorized internal attacker.
Expected Remediation Time
Score 4.0
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
- Attack vector: P
- Attack complexity: L
- Attack Requirements: N
- Privileges required: N
- User interaction: N
- Confidentiality (VC): L
- Integrity (VI): L
- Availability (VA): L
- Confidentiality (SC): N
- Integrity (SI): N
- Availability (SA): N
Threat 4.0
- Exploit maturity: X