Common Information
Type Value
Value
Insecure Third-Party Libraries - T1425
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Third-party libraries incorporated into mobile apps could contain malicious behavior, privacy-invasive behavior, or exploitable vulnerabilities. An adversary could deliberately insert malicious behavior or could exploit inadvertent vulnerabilities. For example, Ryan Welton of NowSecure identified exploitable remote code execution vulnerabilities in a third-party advertisement library (Citation: NowSecure-RemoteCode). Grace et al. identified security issues in mobile advertisement libraries (Citation: Grace-Advertisement). Platforms: Android, iOS
Details Published Attributes CTI Title
Details Website 2024-12-23 5 Revolutionizing Code Security: How Amazon Q Developer Safeguards Modern Applications
Details Website 2024-11-25 4 Everything About Secure Code Reviews: Mastering SAST Techniques for Robust Software