Mobile Threat Catalogue

Malicious Critical Hardware Replacement


Threat Category: Supply Chain


Threat Description: Adversarial supply chain distribution channel personnel (e.g., packaging, shipping, receiving, or transfer) can intercept and replace legitimate critical hardware components with malicious ones.1

Threat Origin

Supply Chain Attack Framework and Attack Patterns 1

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures


Perform background checks on supply chain personnel as appropriate to the level of sensitivity of the component being distributed to detect placement or the potential for or actual manipulation by an adversary


  1. J.F. Miller, “Supply Chain Attack Framework and Attack Patterns”, tech. report, MITRE, Dec. 2013;  2